We have set up the Security Metametrics Group on LinkedIn as a forum for anyone with a genuine interest in information security metrics to share, learn, develop and discuss security metrics.
In line with our pragmatic nature, this is a practitioners’ group. While at times we may dip into more theoretical aspects, our primary interest is in the practical application of metrics to address real world information security, management and governance issues.
The value of the group depends on inputs from its members. We urge you to participate actively in the community rather than passively observing from the sidelines. Raise questions, ask for help, tell us about the challenges you are facing. Put us straight, or argue with us at least. Tell us what’s weak or missing from the book. Describe your real-world issues with security metrics. Bring up alternative approaches. Wax lyrical about your favorite security metrics. Whatever. Don’t be shy: get stuck in.
We are looking for:
CISOs, CROs, information security and risk managers with a professional interest in security metrics, plus other practitioners who use, or want to use, them (e.g. IT auditors, pentesters, business continuity people);
Users of ISO27k
, NIST SP800, COBIT, BMIS and other information security and risk standards, methods and approaches that rely on measurements for feedback and proportional control;
General business managers, owners, regulators and other stakeholders who want (need!) to measure and systematically improve information security and risk management practices, or who face similar metrics challenges in completely different spheres of interest (e.g. finance, HR, production ...);
Strategists, policy makers, politicians and academics who care about the local, national or global state of information security, and want to make their mark by stimulating demonstrable improvements;
Other academics, researchers and students who are willing to climb down from the ivory tower to help those of us toiling in the trenches. Our focus is applied measurement science rather than pure mathematics and statistics for their own sake, but we are sure there are things you could teach us, and vice versa.
To join up for free, click here, login to Linkedin
and click the ‘join group’ button near the top.