| 000 | 07275cam a22008297i 4500 | ||
|---|---|---|---|
| 001 | on1375438384 | ||
| 003 | OCoLC | ||
| 005 | 20240523125544.0 | ||
| 006 | m o d | ||
| 007 | cr cnu---unuuu | ||
| 008 | 230412s2023 nju o 000 0 eng d | ||
| 040 |
_aYDX _beng _erda _cYDX _dN$T _dYDX _dEBLCP _dGZM _dUKMGB _dTEF _dORMDA _dOCLCO _dOCLCL |
||
| 015 |
_aGBC376704 _2bnb |
||
| 016 | 7 |
_a021027124 _2Uk |
|
| 019 | _a1375298579 | ||
| 020 |
_a9781119892311 _q(electronic book) |
||
| 020 |
_a1119892317 _q(electronic book) |
||
| 020 |
_a9781119892328 _q(electronic book) |
||
| 020 |
_a1119892325 _q(electronic book) |
||
| 020 |
_a9781119892335 _q(electronic book) |
||
| 020 |
_a1119892333 _q(electronic book) |
||
| 020 | _z1119892309 | ||
| 020 | _z9781119892304 | ||
| 024 | 7 |
_a10.1002/9781119892335 _2doi |
|
| 029 | 1 |
_aUKMGB _b021027124 |
|
| 029 | 1 |
_aAU@ _b000074347080 |
|
| 035 |
_a(OCoLC)1375438384 _z(OCoLC)1375298579 |
||
| 037 |
_a9781119892311 _bWiley, US |
||
| 037 |
_a9781119892304 _bO'Reilly Media |
||
| 050 | 4 |
_aHV6773.15.C97 _bH835 2023eb |
|
| 082 | 0 | 4 |
_a658.4/78 _223 |
| 049 | _aMAIN | ||
| 100 | 1 |
_aHubbard, Douglas W., _d1962- _eauthor. _1https://id.oclc.org/worldcat/entity/E39PCjBkFm84JGy6X73hCJ4J8P |
|
| 245 | 1 | 0 |
_aHow to measure anything in cybersecurity risk / _cDouglas W. Hubbard, Richard Seiersen. |
| 250 | _aSecond edition. | ||
| 264 | 1 |
_aHoboken, New Jersey : _bWiley, _c[2023] |
|
| 300 | _a1 online resource | ||
| 336 |
_atext _btxt _2rdacontent |
||
| 337 |
_acomputer _bc _2rdamedia |
||
| 338 |
_aonline resource _bcr _2rdacarrier |
||
| 588 | _aDescription based on online resource; title from digital title page (viewed on April 25, 2023). | ||
| 505 | 0 | _aCover -- Title Page -- Copyright Page -- Contents -- Foreword for the Second Edition -- Acknowledgments -- Preface -- How to Measure Anything in Cybersecurity Risk -- Introduction -- Why We Chose This Topic -- What Is This Book About? -- We Need More Than Technology -- Part I Why Cybersecurity Needs Better Measurements for Risk -- Chapter 1 The One Patch Most Needed in Cybersecurity -- Insurance: A Canary in the Coal Mine -- The Global Attack Surface -- The Cyber Threat Response -- A Proposal for Cybersecurity Risk Management -- Notes -- Chapter 2 A Measurement Primer for Cybersecurity | |
| 505 | 8 | _aThe Concept of Measurement -- A Taxonomy of Measurement Scales -- The Object of Measurement -- The Methods of Measurement -- Notes -- Chapter 3 The Rapid Risk Audit: Starting With a Simple Quantitative Risk Model -- The Setup and Terminology -- The Rapid Audit Steps -- Some Initial Sources of Data -- The Expert as the Instrument -- Supporting the Decision: Return on Controls -- Doing "Uncertainty Math" -- Visualizing Risk With a Loss Exceedance Curve -- Where to Go from Here -- Notes -- Chapter 4 The Single Most Important Measurement in Cybersecurity | |
| 505 | 8 | _aThe Analysis Placebo: Why We Can't Trust Opinion Alone -- How You Have More Data than You Think -- When Algorithms Beat Experts -- Tools for Improving the Human Component -- Summary and Next Steps -- Notes -- Chapter 5 Risk Matrices, Lie Factors, Misconceptions, and Other Obstacles to Measuring Risk -- Scanning the Landscape: A Survey of Cybersecurity Professionals -- What Color Is Your Risk? The Ubiquitous-and Risky-Risk Matrix -- Exsupero Ursus and Other Fallacies -- Communication and Consensus Objections -- Conclusion -- Notes -- Part II Evolving the Model of Cybersecurity Risk | |
| 505 | 8 | _aChapter 6 Decompose It: Unpacking the Details -- Decomposing the Simple One-for-One Substitution Model -- More Decomposition Guidelines: Clear, Observable, Useful -- A Hard Decomposition: Reputation Damage -- Conclusion -- Notes -- Chapter 7 Calibrated Estimates: How Much Do You Know Now? -- Introduction to Subjective Probability -- Calibration Exercise -- More Hints for Controlling Overconfidence -- Conceptual Obstacles to Calibration -- The Effects of Calibration -- Beyond Initial Calibration Training: More Methods for Improving Subjective Judgment -- Notes | |
| 505 | 8 | _aAnswers to Trivia Questions for Calibration Exercise -- Chapter 8 Reducing Uncertainty with Bayesian Methods -- A Brief Introduction to Bayes and Probability Theory -- An Example from Little Data: Does Multifactor Authentication Work? -- Other Ways Bayes Applies -- Notes -- Chapter 9 Some Powerful Methods Based on Bayes -- Computing Frequencies with (Very) Few Data Points: The Beta Distribution -- Decomposing Probabilities with Many Conditions -- Reducing Uncertainty Further and When to Do It -- More Advanced Modeling Considerations -- Wrapping Up Bayes -- Notes | |
| 520 | _aA start-to-finish guide for realistically measuring cybersecurity risk In the newly revised How to Measure Anything in Cybersecurity Risk, Second Edition, a pioneering information security professional and a leader in quantitative analysis methods delivers yet another eye-opening text applying the quantitative language of risk analysis to cybersecurity. In the book, the authors demonstrate how to quantify uncertainty and shed light on how to measure seemingly intangible goals. It's a practical guide to improving risk assessment with a straightforward and simple framework. Advanced methods and detailed advice for a variety of use cases round out the book, which also includes: A new "Rapid Risk Audit" for a first quick quantitative risk assessment. New research on the real impact of reputation damage New Bayesian examples for assessing risk with little data New material on simple measurement and estimation, pseudo-random number generators, and advice on combining expert opinion Dispelling long-held beliefs and myths about information security, How to Measure Anything in Cybersecurity Risk is an essential roadmap for IT security managers, CFOs, risk and compliance professionals, and even statisticians looking for novel new ways to apply quantitative techniques to cybersecurity. | ||
| 590 |
_aJohn Wiley and Sons _bWiley Online Library: Complete oBooks |
||
| 650 | 0 | _aCyberterrorism. | |
| 650 | 0 |
_aCyberspace _xSecurity measures. |
|
| 650 | 0 | _aRisk management. | |
| 650 | 2 | _aRisk Management | |
| 650 | 6 | _aCyberterrorisme. | |
| 650 | 6 | _aGestion du risque. | |
| 650 | 7 |
_arisk management. _2aat |
|
| 650 | 7 |
_aBUSINESS & ECONOMICS _xStatistics. _2bisacsh |
|
| 650 | 7 |
_aCOMPUTERS _xSecurity _xGeneral. _2bisacsh |
|
| 650 | 7 |
_aCyberspace _xSecurity measures _2fast |
|
| 650 | 7 |
_aCyberterrorism _2fast |
|
| 650 | 7 |
_aRisk management _2fast |
|
| 650 | 7 |
_aCyberterrorism. _2nli |
|
| 650 | 7 |
_aCyberspace _xSecurity measures. _2nli |
|
| 650 | 7 |
_aRisk management. _2nli |
|
| 700 | 1 |
_aSeiersen, Richard, _d1967- _eauthor. _1https://id.oclc.org/worldcat/entity/E39PCjDpy4qdHvy79ycRTxD7Dy |
|
| 758 |
_ihas work: _aHow to measure anything in cybersecurity risk (Text) _1https://id.oclc.org/worldcat/entity/E39PCGJ6B7Hf38yqMJKrdqkPXq _4https://id.oclc.org/worldcat/ontology/hasWork |
||
| 776 | 0 | 8 |
_iPrint version: _z1119892309 _z9781119892304 _w(OCoLC)1302738859 |
| 856 | 4 | 0 | _uhttps://onlinelibrary.wiley.com/doi/book/10.1002/9781119892335 |
| 938 |
_aYBP Library Services _bYANK _n304816556 |
||
| 938 |
_aEBSCOhost _bEBSC _n3590054 |
||
| 938 |
_aProQuest Ebook Central _bEBLB _nEBL7234983 |
||
| 994 |
_a92 _bINLUM |
||
| 999 |
_c12953 _d12953 |
||