翻訳と辞書
Words near each other
・ Informative Murder Porn
・ Informative site
・ Informativos Telecinco
・ Information Sciences Institute
・ Information scientist
・ Information search process
・ Information security
・ Information security audit
・ Information Security Automation Program
・ Information Security Awareness
・ Information Security Awareness Forum
・ Information Security Department
・ Information Security Engineering Certified Professional
・ Information Security Forum
・ Information Security Group
Information security indicators
・ Information security management
・ Information Security Management Certified Professional
・ Information security management system
・ Information security operations center
・ Information Security Oversight Office
・ Information security standards
・ Information seeking
・ Information seeking behavior
・ Information sensitivity
・ Information server
・ Information Services & Use
・ Information Services Corporation
・ Information Services Department
・ Information Services Division


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Information security indicators : ウィキペディア英語版
Information security indicators
In Information technology benchmarking of computer security requires measurements for comparing both different IT systems and single IT systems in dedicated situations. The technical approach is a pre-defined catalog of security events (security incident and vulnerability (computing)) together with corresponding formula for the calculation of security indicators that are accepted and comprehensive.
Information Security Indicators have been standardized by the ETSI Industrial Specification Group (ISG) ISI. These indicators provide the basis to switch from a qualitative to a quantitative culture in IT Security Scope of measurements: External and internal threats (attempt and success), user’s deviant behaviours, nonconformities and/or vulnerabilities (software, configuration, behavioural, general security framework).
The list of Information Security Indicators belongs to the ISI framework that consists of the following five closely linked Work Items:
# ISI Indicators (ISI-001-1 〔ETSI GS ISI 001-1 (V1.1.2): ISI Indicators Part 1; A full set of operational indicators for organizations to use to benchmark their security posture (2015-06) ()〕 and Guide ISI-001-2 〔ETSI GS ISI 001-2 (V1.1.2): ISI Indicators Part 2; Guide to select operational indicators based on the full set given in part 1 (2015-06) ()〕): A powerful way to assess security controls level of enforcement and effectiveness (+ benchmarking)
# ISI Event Model (ISI-002 〔ETSI GS ISI 002 (V1.2.1): ISI Event Model; A security event classification model and taxonomy (2015-11) ()〕): A comprehensive security event classification model (taxonomy + representation)
# ISI Maturity (ISI-003 〔ETSI GS ISI 003 (V1.1.2): ISI Key Performance Security Indicators (KPSI) to evaluate the maturity of security event detection (2014-06) ()〕): Necessary to assess the maturity level regarding overall SIEM capabilities (technology/people/process) and to weigh event detection results. Methodology complemented by ISI-005 (which is a more detailed and case by case approach)
# ISI Guidelines for event detection implementation (ISI-004 〔ETSI GS ISI 004 (V1.1.1): ISI Guidelines for event detection implementation (2013-12) ()〕): Demonstrate through examples how to produce indicators and how to detect the related events with various means and methods (with classification of use cases/symptoms)
# ISI Event Stimulation (ISI-005 〔ETSI GS ISI 005 (V1.1.1): ISI Guidelines for security event detection testing and asseessmeent of detection effectiveness (2015-11) ()〕): Propose a way to produce security events and to test the effectiveness of existing detection means (for major types of events)
Preliminary work on information security indicators have been done by the French Club R2GS. The first public set of the ISI standards (security indicators list and event model) have been released in April 2013.
==References==


抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「Information security indicators」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.