Security Measurement Steps, Missteps, and Next Steps
July-Aug. 2012 (vol. 10 no. 4)
pp. 5-9
Shari Lawrence Pfleeger, Dartmouth College
Over the past decade, this magazine has focused on a wide variety of important issues, each of which contributes not only to our understanding of security but also to innovative and effective solutions to security problems. Measurement has frequently held star and supporting roles in many of these articles. The author describes the past, present, and future for measurement's role in security.

1. D.E. Geer Jr., K. Soo Hoo, and A.R. Jaquith, “Information Security: Why the Future Belongs to the Quants,” IEEE Security & Privacy, vol. 1, no. 4, 2003, pp. 24–32.
2. E.A. Nichols and G. Peterson, “A Metrics Framework to Drive Application Security Improvement,” IEEE Security & Privacy, vol. 5, no. 2, 2007, pp. 88–91.
3. J.C.H. Ryan and D.J. Ryan, “Performance Metrics for Information Security Risk Management,” IEEE Security & Privacy, vol. 6, no. 5, 2008, pp. 38–44.
4. S.L. Pfleeger and R. Cunningham, “Why Measuring Security Is Hard,” IEEE Security & Privacy, vol. 8, no. 4, 2010, pp. 46–54.
5. S. Stolfo, S.M. Bellovin, and D. Evans, “Measuring Security,” IEEE Security & Privacy, vol. 9, no. 3, 2011, pp. 60–65.
6. G. Cybenko and C. Landwehr, “Security Analytics and Measurements,” IEEE Security & Privacy, vol. 10, no. 3, 2012, pp. 5–8.
7. H. Petroski, To Engineer Is Human: The Role of Failure in Successful Design, Vintage Books, 1992.
8. T. Harford, Adapt: Why Success Starts with Failure, Farrar, Straus and Giroux, 2011.
9. D.X. Li, “On Default Correlation: A Copula Function Approach,” J. Fixed Income, vol. 9, no. 4, 2000, pp. 43–54.
10. F. Salmon, “Recipe for Disaster: The Formula That Killed Wall Street,” Wired, 23 Feb. 2009; www.wired.com/techbiz/it/magazine/17-03wp_quant?currentPage=all.
11. F. Schneider, “Beyond Traces and Independence,” Dependable and Historic Computing: Essays Dedicated to Brian Randell on the Occasion of His 75th Birthday, LNCS 6875, Springer Verlag, 2011, pp. 479–485.
12. P. Bishop et al., “Diversity for Security: A Study with Off-the-Shelf Antivirus Engines,” Proc. ISSRE, IEEE CS, 2011.
13. J.C. Helton and W.L. Oberkampf, “Special Issue: Alternative Representations of Epistemic Uncertainty,” Reliability Engineering and System Safety, vol. 85, nos. 1–3, 2004.
14. M. Briggs, “Why Do Statisticians Answer Silly Questions That No One Ever Asks?” Significance, Royal Statistical Society, UK, Feb. 2012, pp. 30–31.

Index Terms:
Network security, Computer security, Measurement techniques, Benchmark testing, benchmarks, security, privacy, measurement, metrics
Citation:
Shari Lawrence Pfleeger, "Security Measurement Steps, Missteps, and Next Steps," IEEE Security & Privacy, vol. 10, no. 4, pp. 5-9, July-Aug. 2012, doi:10.1109/MSP.2012.106