How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current "risk management" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security. In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security.
Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely.
Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing—as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.
DOUGLAS W. HUBBARD is the inventor of Applied Information Economics (AIE), an internationally recognized expert in measurement and quantitative decision analysis, and best-selling author of How to Measure Anything, Third Edition, and The Failure of Risk Management.
RICHARD SEIERSEN is general manager of Cyber Security & Privacy at GE Healthcare. He has more than twenty years of experience in such areas as cybersecurity; governance, risk and compliance (GRC); and analytics.
This insightful and eloquent book will show you how to measure those things in your own business, government agency or other organization that, until now, you may have considered "immeasurable," including customer satisfaction, organizational flexibility, technology risk, and technology ROI.
- Adds new measurement methods, showing how they can be applied to a variety of areas such as risk management and customer satisfaction
- Simplifies overall content while still making the more technical applications available to those readers who want to dig deeper
- Continues to boldly assert that any perception of "immeasurability" is based on certain popular misconceptions about measurement and measurement methods
- Shows the common reasoning for calling something immeasurable, and sets out to correct those ideas
- Offers practical methods for measuring a variety of "intangibles"
- Provides an online database (www.howtomeasureanything.com) of downloadable, practical examples worked out in detailed spreadsheets
Written by recognized expert Douglas Hubbard—creator of Applied Information Economics—How to Measure Anything, Third Edition illustrates how the author has used his approach across various industries and how any problem, no matter how difficult, ill defined, or uncertain can lend itself to measurement using proven methods.
This companion workbook to the new edition of the insightful and eloquent How to Measure Anything walks readers through sample problems and exercises in which they can master and apply the methods discussed in the book.
The book explains practical methods for measuring a variety of intangibles, including approaches to measuring customer satisfaction, organizational flexibility, technology risk, technology ROI, and other problems in business, government, and not-for-profits.
- Companion to the revision of the bestselling How to Measure Anything
- Provides chapter-by-chapter exercises
- Written by industry leader Douglas Hubbard
Written by recognized expert Douglas Hubbard—creator of Applied Information Economics—How to Measure Anything Workbook illustrates how the author has used his approach across various industries and how any problem, no matter how difficult, ill defined, or uncertain can lend itself to measurement using proven methods.
“Bruce Schneier’s amazing book is the best overview of privacy and security ever written.”—Clay Shirky
Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you're unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it.
The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.
Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we’ve gained? In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He brings his bestseller up-to-date with a new preface covering the latest developments, and then shows us exactly what we can do to reform government surveillance programs, shake up surveillance-based business models, and protect our individual privacy. You'll never look at your phone, your computer, your credit cards, or even your car in the same way again.