Dashboards: An Effective Cybersecurity Tool

Data is only as good as what you are able to do with it.  Not only does the cybersecurity universe collect data, but individual enterprises also collect cybersecurity data from within their ...

Cybersecurity Lessons from the Pandemic: Models and Predictions

There are a number of different types of models—and the output from each must be viewed and used differently depending on the form of the model. First, you have relationships derived from ...

Cybersecurity Lessons from the Pandemic: Metrics and Decision-Making

We have discussed previously, such as in my May 18, 2020 BlogInfoSec column, some of the more challenging characteristics of data, such as those relating to value and uncertainty, which are generally ...

Cybersecurity Lessons from the Pandemic: Data – Part 2

Having discussed issues relating to the collection and reporting of COVID-19 data in Part 1, we now turn to cyberspace, even though the jury is still out regarding much of the pandemic ...

Cybersecurity Lessons from the Pandemic: Data – Part 1

The collection and reporting of data relating to the coronavirus pandemic and related medical research and practices are in a shambles. For example, a June 7, 2020 article by Jason Slotkin cites ...

Value and Uncertainty in Pandemic Metrics

New York Governor Andrew Cuomo’s daily briefings have become a mainstay of support for many during the COVID-19 pandemic, especially with New York being the initial epicenter of the disease in the ...

Truth, Trust and Cybersecurity Risk

It is a sad reflection on the times, but it is becoming increasingly difficult to distinguish among true and false “facts,” accurate and misleading interpretations, and personal and politically-expedient beliefs. In my ...

Are Cybersecurity Intelligence and Security Metrics Statistically Significant?

It is customary to begin an article on cybersecurity with some statement about the exponential growth of threats, attacks, vulnerabilities, etc. I’m no different. It seems like a reasonable, generally accepted thing ...

Security Metrics and Tesla’s Safety Statistics

I have long railed against the inadequacy of popular easy-to-record security metrics. They usually lack critical information about the nature and severity of vulnerabilities and are therefore misleading in providing support for ...

Security Metrics, Application Security and Cancer Research

I would not have thought that there would be a relationship among security metrics, application security and cancer research until I read an article in the Sunday Magazine section of the June ...