Introduction by Dr. Paul Losiewicz The Cyber Security Metrics Workshop is a one-day review of current trends in policy, tools and techniques of interest to managers and Cyber Security professionals useful in measuring ones cyber security vulnerability. The workshop provides an overview of the current state of understanding of what is presently available and
Series: Cybersecurity Metrics Workshop
The Cybersecurity Metrics Workshop was a one-day review of current trends in policy, tools and techniques of interest to managers and Cyber Security professionals useful in measuring one's cyber security vulnerability. The workshop provided an overview of the current state of understanding of what is presently available and focused on what research needs to be done to develop robust and easy to use techniques to assess and monitor cyber preparedness and vulnerability.
Richard Aldrich, Booz Allen Hamilton Too often cyber security metrics reports tend to either be based on whatever data was most readily available, or include low-level data of a very technical nature. In such cases the response of the recipient is likely to be, “So what?” This presentation will address four key issues to consider to better anticipate and add
Cyber security metrics often focus on compliance and exposure to risk based on factors such as number of attack vectors and duration of exposure to vulnerabilities. Based on trends published in reports such as the Verizon DBIR of 2013, current cyber security metrics practice needs to improve in order to detect cyber-attacks quickly and drive business action.
This talk will summarize the findings of two workshops held in 2014 focused on Cyber Security hard problems, the research challenges, and select industry needs. Invited distinguished researchers and subject matter experts from industry briefed cyber security challenges in diverse fields, such as Defense/Military, Government, Intelligence, Financial,
The ability to accurately forecast the probability of potential cyber threats is critical for making decisions regarding appropriate defenses. Unfortunately, the assessment tools typically focus on the accuracy of the decisions rather than the accuracy of the models. Common examples include the confusion matrix of correct and incorrect decisions and the
Cyber experimenters have faced a perplexing challenge when it comes to performance metrics. There is no commonly accepted standard to compare system resilience to a cyber-attack. Through a series of red team experiments on DoD microgrids, both in labs and against live systems, researchers from U.S. Pacific Command have developed a metric that has proven to
The need and desire for metrics on cybersecurity has been a priority request from OSD leadership for ten years. When “cyber” became a quasi-official warfighting “domain” a decade ago, major programs of record were categorized as “cyber” programs. As such, the programs needed quantitative program parameters so that DoD leadership could track financial progress
Moderator: Dr. Paul Losiewicz, Quanterion Solutions, Inc. Panelists: Richard Aldrich (Booz Allen Hamilton), Dr. Kenric Nelson (Raytheon), Dr. John Bay (Cyber Research center),Dr. Len Popyack (Utica College) The Cyber Security Metrics Workshop is a one-day review of current trends in policy, tools and techniques of interest to managers and Cyber Securit