The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Jennifer Bayuk - Cybersecurity Consultant

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

The History of Cybersecurity Metrics

Sep 29, 2021

Download: Video Icon MP4 Video Size: 770.9MB  
Watch on Youtube Watch on YouTube


This talk covers the state of the Art and Practice in Cybersecurity Metrics. The history ranges from the 1970s through the present. Topics include, but are not limited to: Control Objectives, the Orange Book, the Common Criteria, Systems Security Engineering Capability Maturity Model, Common Vulnerability Enumeration, National Vulnerability Database, NIST Pubs such as the Performance Measurement Guide for Information Security, Threat Intelligence Protocols, Exemplar studies such as the Verizon Data Breach Incident Report, Industry Best Practice and Regulatory Assessments, Security Incident and Event Management, Security Analytics, Security Scorecards.

About the Speaker

Jennifer Bayuk
Jennifer L. Bayuk,Ph.D., is an Independent Cybersecurity Consultant. She also teaches Cybersecurity Risk Management in multiple academic and professional forums and serves as a Private Cybersecurity Investigator and Expert Witness. She has previously been a Wall Street Chief Information Security Officer, a Global Financial Services Cybersecurity Risk Management Officer, a Global Financial Services Technology Risk Management Officer, a Big 4 Information Risk Management Auditor/Consultant,a Manager of Information Technology Internal Audit, a Security Architect, a Bell Labs Security Software Engineer, a Professor of Systems Security Engineering.  In all of these positions, governance using security metrics has been a core component of her job function. Her numerous books, articles, and presentations cover a wide variety of topics in Cybersecurity Management and Engineering. She earned a Ph.D. in Systems Engineering with a dissertation on security metrics: Security as a Theoretical Attribute Construct and is frequently a member of the Metricon program committee(

Ways to Watch


Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!