 The need for cybersecurity data and metrics: empirically assessing cyberthreatBrandon Valeriano Journal of Cyber Policy, 2022, vol. 7, issue 2, 140-154 Abstract: Without assessment metrics and data, the cybersecurity community maintains no ability to evaluate the success or scope of operations. Calls for the collection of cybersecurity indicators are empty without strategic guidance on what indicators to collect, for what purpose, and for what method of analysis. This paper reviews the purpose, function and need for cybersecurity data and metrics with an in-depth review of United States metrics guidance offered in the National Defense Authorisation Act (NDAA) and National Institute of Standards and Technology (NIST) publications on metrics. Mission assessment is critical to evaluate the efficacy of ongoing and future cybersecurity efforts; assessments require quantitative metrics that place concrete values on indicators rather than subjective judgments. Date: 2022 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:taf:rcybxx:v:7:y:2022:i:2:p:140-154 Ordering information: This journal article can be ordered from DOI: 10.1080/23738871.2022.2111997 Access Statistics for this article Journal of Cyber Policy is currently edited by Emily Taylor More articles in Journal of Cyber Policy from Taylor & Francis Journals |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.