You are part of a team responsible for designing an assessment to determine whether or not your company’s information security controls are in compliance and to identify any necessary improvements or adjustments.
Select two of the aspects listed below and discuss the importance of each in establishing a successful security metrics program. Give specific examples. What problems/issues might your company face if those aspects are not handled appropriately?
1. Developing strategies for collecting metrics data: This field should specify the data source, the frequency of data collection, and who is responsible for compiling the data. Automated collection of data is generally more accurate than manual collection, so the organisation should employ an automated way of collecting data, analysing it, and reporting it as metrics. Automated collection is easy to configure and requires fewer resources than manual collection.
Example: If there is a threat of viruses in a computer system, the first question is what the source of the viruses is: are they coming from external removable storage media, or through internet browsing or emails? If we have found that the viruses and threats are due to emails, then we have to develop a strategy to collect data based on the emails, such as the number of spyware or viruses detected in emails or the percentage of suspected emails detected. Then we have to set the frequency of data collection according to the percentage of suspected emails detected and form the security metrics accordingly.
2. Conducting a formal program review cycle: Continuous feedback on the security metrics is very necessary to evaluate the metrics and their value; if a metric is not progressing or improving, it has to be discarded. New metrics should be added to improve and refine the progress of the security program. A fresh scan of the security metrics standard and its accuracy should be done to ensure the fine tuning of the program.
Example: If the email threat and virus data is collected and metrics are formed, and a new type of malware attack then arrives through the internet and email, then to prevent that, new metrics should be added or the older metrics should be updated and improved to identify that new malware or spyware.
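
An added example, not part of the original answer: a small automated collector for the email metric described above (percentage of suspected emails per day), with a review step that lists detection verdicts no existing metric covers. The `date,verdict` log format, the verdict names, and the tracked set are assumptions made for illustration, and the sample records are constructed.

```python
from collections import Counter, defaultdict

# Constructed sample records in an assumed "date,verdict" export format.
SAMPLE_LOG = """\
2024-03-04,clean
2024-03-04,virus
2024-03-04,clean
2024-03-04,spyware
2024-03-05,clean
2024-03-05,clean
2024-03-05,clean
2024-03-05,virus
2024-03-06,clean
2024-03-06,cryptominer
"""

# Verdicts that the current metric definitions cover (assumed for this example).
TRACKED_VERDICTS = {"virus", "spyware"}

def collect(log_text):
    """Collection step: per-day verdict counts from 'date,verdict' lines."""
    per_day = defaultdict(Counter)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        day, verdict = (field.strip() for field in line.split(",", 1))
        per_day[day][verdict] += 1
    return per_day

def suspected_pct(per_day):
    """Metric: percentage of emails per day that received a non-clean verdict."""
    result = {}
    for day, counts in sorted(per_day.items()):
        total = sum(counts.values())
        result[day] = round(100.0 * (total - counts["clean"]) / total, 1)
    return result

def review(per_day, tracked=TRACKED_VERDICTS):
    """Review step: verdicts present in the data that no existing metric tracks."""
    seen = set().union(*per_day.values()) if per_day else set()
    return sorted(seen - set(tracked) - {"clean"})

if __name__ == "__main__":
    data = collect(SAMPLE_LOG)
    print("suspected % per day:", suspected_pct(data))
    print("verdicts without a metric:", review(data))
```

A non-empty result from `review` is the signal, in the terms of point 2, that a metric should be added or an older one updated.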