Posts Tagged “incident metrics”
NotObvious On Heartland
by alex on December 21, 2009
I posted this also to the securitymetrics.org mailing list. Sorry if discussing in multiple venues ticks you off. The Not Obvious blog has an interesting write up on the Heartland Breach and impact. From the blog post: “Heartland has had (…)
Thoughts on Bejtlich’s Information Security Incident Ratings
by alex on June 1, 2009
Check out Richard Bejtlich’s Information Security Incident Rating post. In it, he establishes qualitative, color-based scales for various asset-states in relation to the aggregate threat community. As Richard states, he’s not modeling risk, but rather he’s somewhat modeling half of (…)