Compile Effective Metrics and Indicators to Detect and Prioritize Incidents

This week, you will extend the work completed in Week 5 to compile an approach that provides effective quantitative metrics and indicators, enabling detection of deviations from the plan for the case study organization and providing specific support for the prioritized evaluation of incidents. The overarching goal is a unified system that addresses all strategic risk exposures and the implications of unmitigated risk on technology use, exposure to cyber threats, and the ability to meet compliance, audit, and privacy needs.

Include the following in your briefing:

1. Create a compilation of effective metrics and indicators to detect and prioritize incidents.
2. Develop the planning and strategy cycle by enabling consistent methods of appraisal from the moment of risk recognition through incident resolution.
3. Verify that the briefing uses persuasive language to facilitate buy-in and support for your holistic approach to risk in the organization, clearly articulating how the approach achieves more without introducing additional overhead.

Length: 5-6 page briefing to technologists and managers. Include one original image and one table that represents your evaluation.
References: Include relevant sources from within the course and a minimum of 2 additional scholarly references from the NCU Library.
The completed assignment should address all of the assignment requirements, exhibit evidence of concept knowledge, and demonstrate thoughtful consideration of the content presented in the course. The writing should integrate scholarly resources, reflect academic expectations and current APA standards, and adhere to Northcentral University's Academic Integrity Policy.


Reminder: Please complete the O'Reilly login steps (see the Accessing O'Reilly link in the Week 1 Resources area). You will receive an email that allows your browser to save your password, which avoids future access limitations.
• How to Measure Anything in Cybersecurity Risk
Hubbard, D. W., Seiersen, R., Geer, D. E., & McClure, S. (2016). How to measure anything in cybersecurity risk. Wiley.
Read Chapter 3 – Model Now! An Introduction to Practical Quantitative Methods for Cybersecurity.
This chapter explains the development of quantitative risk assessment.

• The FAIR Institute – FAIR Risk Management
FAIR Institute. (2021). FAIR risk management – Quantification: The core of effective cyber risk management.
This website provides information on the FAIR quantitative risk analysis model.

• The Measurement of Maturity Level of Information Technology Service Based on COBIT5 Framework
Amali, L. N., Katili, M. R., Suhada, S., & Hadjaratie, L. (2020). The measurement of the maturity level of information technology service based on COBIT 5 framework. Telkomnika, 18(1), 133–139.
This journal article reports the findings of a study implementing COBIT 5 and makes recommendations for enhancements and upgrades in IT performance and service within the scope of compliance and application support.

• Risk Management for Cybersecurity and IT Managers
Dion, J. (2018). Risk management for cybersecurity and IT managers. Packt Publishing.
Watch Chapter 4 – Calculating Risk.
This video explains how to calculate risk.

• Risk Metrics, Assimilation, and Interpretation

The use of an information security plan within an organization requires assimilation and interpretation of the risk metrics used to quantify the assessment. Qualitative risk assessments can quickly determine relevant risks within an organization, but quantitative risk assessment approaches take time to implement, and the related expense needs to be justified. The organization must have clear objectives for its information security program. The culture and maturity level of an organization have implications for the results of any information security plan endeavor. Being culturally aware increases the likelihood that assimilation will happen and minimizes the difficulty of instituting a program. When initiating a program with strict policies and procedures in an immature organization that conducts its business and operations in a somewhat ad hoc manner, there will be difficulty in achieving buy-in for the program.

• Risk Metrics and Interpretation

Quantitative risk assessment measures are standardized in scoring. Because these risk metrics are quantified, they permit evaluation of how well assimilation goals and objectives have been met, by quantifying the implementation efficiency and effectiveness of the security controls an organization has put in place. Because metrics relating to different information security areas use a diverse set of units of measure, and the numbers often need an interpretation unique to the given measure, individuals trained in scoring specific risk metrics need to be part of the process. This makes interpretation relatively easy to accomplish. Qualitative risk assessment is subjective, so interpretation can be difficult and bring about conflict within an organization. If consensus cannot be built on the specific risks and on how to interpret qualitative information, it will be difficult to assimilate that information into the process used to develop an information and data security plan. Metrics that measure information security incident variables need to be operationally defined to facilitate the reporting of risks to specific key individuals within an organization. It is also important to determine whether an organization is centralized or decentralized in its approach to management and information technology, because this has implications for the information security program plan.

• Organizational Assimilation

Once an information security plan is formulated, the extent to which the plan is adopted is called assimilation. The degree to which organizations have accomplished assimilation of policies and procedures related to securing their information systems and business processes depends on different factors that allow an organization to plan and institute security-related measures more effectively. Effective policies and procedures give organizations the means to adopt and use effective IT security measures and to disseminate newly adopted or adapted measures in response to threats. Assimilation can be used as a tool to measure the development and evolution of an organization's decision to adopt information security policies. From the point at which an organization lacks awareness of the need to think differently about risk and security, through its initial interest in securing organizational assets, to the acquisition and full deployment process, assimilation can measure the extent to which buy-in has occurred within the organization. This means that assimilation has implications for the degree to which policies effectively reduce the impact that security breaches have on an organization.
