Cyber security is a “nebulous domain… that tends to resist easy measurement and, in some cases, appears to defy any measurement,” according to a report issued in March by Sandia National Laboratories.
In order to establish a common vocabulary for discussing cyber threats, and thereby to enable an appropriate response, the Sandia authors propose a variety of attributes that can be used to characterize cyber threats in a standardized and consistent way.
“Several advantages ensue from the ability to measure threats accurately and consistently,” the authors write. “Good threat measurement, for example, can improve understanding and facilitate analysis. It can also reveal trends and anomalies, underscore the significance of specific vulnerabilities, and help associate threats with potential consequences. In short, good threat measurement supports good risk management.”
See “Cyber Threat Metrics” by Mark Mateski, et al, Sandia National Laboratories, March 2012.
Rather than get caught up in the buzzword flavor of the month, the policymaking ecosystem should study what’s actually working.
The U.S. does not lack ideas for improving its transportation system. What it needs is a research ecosystem capable of turning those ideas into deployed solutions.
The Federation of American Scientists (FAS) is excited to announce that Kumar Garg and Matt Lira are joining the organization’s Board of Directors.
A cohesive strategy to achieve two goals: (1) deploy the clean energy and grid upgrades necessary to make energy affordable and combat climate change and (2) create governments that tangibly improve peoples’ lives.