Jennifer Bayuk - Cybersecurity Consultant
Students: Spring 2022, unless noted otherwise, sessions will be virtual on Zoom.
The History of Cybersecurity Metrics
Sep 29, 2021Download: MP4 Video Size: 770.9MB
Watch on YouTube
AbstractThis talk covers the state of the Art and Practice in Cybersecurity Metrics. The history ranges from the 1970s through the present. Topics include, but are not limited to: Control Objectives, the Orange Book, the Common Criteria, Systems Security Engineering Capability Maturity Model, Common Vulnerability Enumeration, National Vulnerability Database, NIST Pubs such as the Performance Measurement Guide for Information Security, Threat Intelligence Protocols, Exemplar studies such as the Verizon Data Breach Incident Report, Industry Best Practice and Regulatory Assessments, Security Incident and Event Management, Security Analytics, Security Scorecards.
About the Speaker
Jennifer L. Bayuk,Ph.D., is an Independent Cybersecurity Consultant. She also teaches Cybersecurity Risk Management in multiple academic and professional forums and serves as a Private Cybersecurity Investigator and Expert Witness. She has previously been a Wall Street Chief Information Security Officer, a Global Financial Services Cybersecurity Risk Management Officer, a Global Financial Services Technology Risk Management Officer, a Big 4 Information Risk Management Auditor/Consultant,a Manager of Information Technology Internal Audit, a Security Architect, a Bell Labs Security Software Engineer, a Professor of Systems Security Engineering. In all of these positions, governance using security metrics has been a core component of her job function. Her numerous books, articles, and presentations cover a wide variety of topics in Cybersecurity Management and Engineering. She earned a Ph.D. in Systems Engineering with a dissertation on security metrics: Security as a Theoretical Attribute Construct and is frequently a member of the Metricon program committee(securitymetrics.org)