Security Metrics Workshop

"APPROACHES TO MEASURING SECURITY"

On June 13 and 14, 2000 the Computer System Security and Privacy Advisory Board (CSSPAB) conducted a workshop on security metrics. The goal of the workshop was to survey current information infrastructure protection metrics and their uses and to determine any voids. The focus was on non-classified systems. Workshop presentations are available in both .pdf and PowerPoint. A report of the workshop is also available. (Adobe Acrobat .pdf and Word.doc)

Workshop Goals
.pdf | .ppt
Fran Nielsen, NIST

Summary of Day One
.pdf | .ppt
Fran Nielsen, NIST and attendees

Report of Workshop.
.pdf | Word .doc
Fran Nielsen, NIST

"Security Metrics - What Are They?" .pdf | .ppt
Stuart Katzke, National Security Agency

"Defense Information Assurance Program (DIAP) - Information Assurance Readiness Assessment Metrics" .pdf | .ppt
Mr. Terry Bartlett, DIAP Readiness Assessment Team Leader

"Systems Security Engineering Capability Maturity Model (SSE-CMM) Profiles, Assurance and Metrics (PAM) Working Group" .pdf | .ppt
George Jelen, Board of Director
International Systems Security Engineering Association

"Information Technology Security Assessment Framework" .pdf | .ppt
John Gilligan, Chief Information Officer
Department of Energy, and
Co-chair, CIO Council Security, Privacy, and Critical Infrastructure
Protection Subcommittee

"Information Security Metrics - An Audit-Based Approach" .pdf | .ppt
Jennifer L. Bayuk, Associate Director for Corporate Security
Bears, Stearns & Co.

"Overview of FISCAM - Chapter 3" .pdf | .ppt
Darrell Heim, Assistant Director
Accounting and Information Management Division
General Accounting Office

"Quantitative Risk Assessment" .pdf | .ppt
Fred G. Tompkins
Key Technologies & Security Inc.

"Cryptographic Algorithm Metrics" .pdf | .ppt
Landgrave T. Smith
Institute for Defense Analysis

Government Panel
Moderator: Joe Leo, U. S. Department of Agriculture
Jean Boltz, General Accounting Office .pdf | .ppt
James Craft, U. S. Agency for International Development .pdf | .ppt
Bill Hadesty, U.S. Department of Agriculture
Edward Keefe, U.S. Customs .pdf | .ppt
Industry Panel
Moderator: John Sabo, Trivoli SecureWay
Tom Dunbar, Citigroup .pdf | .ppt
Pat Hymes, First Union .pdf | .ppt
Robert George, Dupont .pdf | .ppt
Randy Sanovic, General Motors

Back to CSSPAB Home-Page | Back to CSRC Homepage