NIST has released a new revision of Special Publicatoin 800-55, the "Performance Measurement Guide for Information Security." With all of the blogosphere conversation about security metrics going on right now, I thought this a well-times publication.
From NIST:
NIST is pleased to announce the release of NIST Special Publication 800-55, Revision 1, Performance Measurement Guide for Information Security. This publication provides assistance in the developing, selecting, and implementing security performance measures to be used at the information system and program levels. These measures indicate the effectiveness of security controls applied to information systems and supporting information security program. [From NIST SP 800-55 Rev 1: Performance Measurement Guide for Information Security | Security4all - Dedicated to digital security, enterprise 2.0 and presentation skills]
Here's a direct link to the document.
Leave a comment