John Wiley & Sons The Metrics Manifesto Cover Security professionals are trained skeptics. They poke and prod at other people's digital creations,.. Product #: 978-1-119-51536-4 Regular price: $35.42 $35.42 In Stock

The Metrics Manifesto

Confronting Security with Data

Seiersen, Richard


1. Edition July 2022
320 Pages, Hardcover
Wiley & Sons Ltd

ISBN: 978-1-119-51536-4
John Wiley & Sons

Further versions


Security professionals are trained skeptics. They poke and prod at other people's digital creations, expecting them to fail in unexpected ways. Shouldn't that same skeptical power be turned inward? Shouldn't practitioners ask: "How do I know that my enterprise security capabilities work? Are they scaling, accelerating, or slowing as the business exposes more value to more people and through more channels at higher velocities?" This is the start of the modern measurement mindset--the mindset that seeks to confront security with data.

The Metrics Manifesto: Confronting Security with Data delivers an examination of security metrics with R, the popular open-source programming language and software development environment for statistical computing. This insightful and up-to-date guide offers readers a practical focus on applied measurement that can prove or disprove the efficacy of information security measures taken by a firm.

The book's detailed chapters combine topics like security, predictive analytics, and R programming to present an authoritative and innovative approach to security metrics. The author and security professional examines historical and modern methods of measurement with a particular emphasis on Bayesian Data Analysis to shed light on measuring security operations.

Readers will learn how processing data with R can help measure security improvements and changes as well as help technology security teams identify and fix gaps in security. The book also includes downloadable code for people who are new to the R programming language.

Perfect for security engineers, risk engineers, IT security managers, CISOs, and data scientists comfortable with a bit of code, The Metrics Manifesto offers readers an invaluable collection of information to help professionals prove the efficacy of security measures within their company.



About the Technical Review Team

Chapter 1 Introduction: The Manifesto and the BOOM! Framework 1

Chapter 2 Time to Event Metrics 15

Chapter 3 Counting on Uncertainty: Preparing for Burndown, Arrival, Wait-Times, and Escape Rates 33

Chapter 4 Burndown Rates: Shifting Right the Bayesian Way 53

Chapter 5 Risk Arrival Rates: Shift Left Security Metrics 81

Chapter 6 Wait- Time Rates: Between Arrival and Departure Is...Waiting 111

Chapter 7 Escape Rates 145

Chapter 8 Optimization Basics with Bayesian Linear Regression 163

Chapter 9 ABC A/B Testing and Security ROI 197

Chapter 10 Dashboarding with BOOM! 223

Chapter 11 Simulating Data Like a Pro 245

Epilogue: A Short One- for- One Substitution Guide 281

Index 293
RICHARD SEIERSEN is Chief Risk Officer at Resilience Insurance. He is a technology executive with 20 years of experience in information security and risk management. Seiersen has held CISO roles at Twilio, LendingClub, and GE Healthcare and was Co-Founder of Soluble, which was sold to Lacework in 2021. He's also an active security startup advisor and consulting faculty member with IANS on cybersecurity risk management.