A taxonomical approach for information security metrics development

Reijo Savola

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review


    How secure is a software product or a telecommunication network, or their fusion? In order to obtain evidence of the security performance (or level) of products or an organization, systematic approaches to measuring security are needed. In this study we survey the emerging security metrics approaches from the academic, governmental and industrial perspectives. We aim to bridge the gaps between business management, information security management and ICT product security practices. If common metrics approaches between different security disciplines can be found, this will advance our holistic understanding and capabilities, both in management and engineering practices. The survey presented here is structured according to an initial taxonomy for security metrics proposed in this study.
    Original languageEnglish
    Title of host publicationNordsec 2007
    Subtitle of host publicationSupplemental Booklet of Short Papers
    Number of pages11
    Publication statusPublished - 2007
    MoE publication typeA4 Article in a conference publication
    EventNordsec 2007 - Reykjavik, Iceland
    Duration: 11 Oct 200712 Oct 2007


    ConferenceNordsec 2007


    Dive into the research topics of 'A taxonomical approach for information security metrics development'. Together they form a unique fingerprint.

    Cite this