Can we measure information security?

Reijo Savola, Anni Sademies, Jarkko Holappa

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientific

Abstract

The management of information security becomes easier if suitable metrics can be developed to offer evidence of the security level or performance of a system (e.g. a product or an organization). Results from measurements can be used as a basis for decisions in order to ensure the desired security level or performance. The measurement object of security metrics can be a technical system, an organization or a business process – or all of them at the same time. Systematic security metrics provide means for managing information security comprehensively.
Original languageEnglish
Title of host publicationProceedings of the European Intensive Programme on Information Security Management and Technology, IPICS 2006
Subtitle of host publicationThe 7th Winter School
PublisherUniversity of Oulu
Number of pages10
ISBN (Print)951-42-8047-4
Publication statusPublished - 2006
MoE publication typeB3 Non-refereed article in conference proceedings
EventEuropean Intensive Programme on Information Security Management and Technology, IPICS 2006: The 7th Winter School - Taivalkoski, Finland
Duration: 3 Apr 200610 Apr 2006

Conference

ConferenceEuropean Intensive Programme on Information Security Management and Technology, IPICS 2006
Abbreviated titleIPICS 2006
CountryFinland
CityTaivalkoski
Period3/04/0610/04/06

Fingerprint Dive into the research topics of 'Can we measure information security?'. Together they form a unique fingerprint.

Cite this