Security Metrics. A Beginner's Guide. Caroline Wong. Mc Graw Hill. Singapore Sydney Toronto. Lisbon London Madrid Mexico City Milan New Delhi San Juan

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Security Metrics. A Beginner's Guide. Caroline Wong. Mc Graw Hill. Singapore Sydney Toronto. Lisbon London Madrid Mexico City Milan New Delhi San Juan"

Transcription

1 Security Metrics A Beginner's Guide Caroline Wong Mc Graw Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto

2 Contents FOREWORD ACKNOWLEDGMENTS INTRODUCTION xxi xxv xxvii PART I Why Security Metrics? 1 Why Measure Security? 3 Purpose of an Information Security Program 4 Define a Mission Statement and a Charter for the Information Security Program 5 Evaluate the Components of an Information Security Program 7 Review the Predictive Security Model 9 Benefits of a Security Metrics Program 16 A Lesson for Security Metrics from the Traffic Safety Industry 16 Measurement Provides Visibility 19 Measurement Educates and Provides a Common Language 19 Measurement Enables Improvement 20 Why Are Security Metrics So Hard to Do? 25 xi

3 Xii Security Metrics: A Beginner's Guide 2 Why Security Metrics Are Needed Now 27 Security Work Is Never Finished: Technology Changes and Moore's Law 28 Verizon Business 2009 Data Breach Investigations Report 29 Symantec Global Internet Security Threat Report 30 Ernst & Young's 12th Annual Global Information Security Survey 31 More on the Increasing Sophistication of Attacks 32 Malware 32 Botnets 33 New Developments in Information Security 35 The Increasing Importance of Application Security 36 The Cloud 37 Targeted Attacks 38 The Impact of Social Networking 39 Profile of a Hacker 39 The "Old" Profile of a Hacker 40 Today's Hacker 40 Today's "Security Best Practices" Are Not Good Enough 43 A Good Starting Point for Strategy 44 Controls and Standards 46 Applying Metrics to Best Practices 49 PART II Essential Components of an Effective Security Metrics Practitioner 3 Analytics 55 What Are Security Analytics? 57 "Who Cares?" Test 57 Visualization 59 What You See May Not Be What You Get 59 Multiple Metrics for a More Complete Picture 61 Bundling Interpretation and Metrics 63 Do I Need a PhD in Math? 63 Leverage Analytic Patterns Developed by Others 64 Cool the PhD: You Can Leverage Patterns Without It! 65 Use the Trend Analysis Pattern 66 Examples of Applying Analytic Patterns 69 Example 1: Trend Analysis Microsoft Vulnerabilities 69 Example 2: Hypothesis Testing 72 Example 3: Trend Comparison 77

4 Contents xiii Example 4: Data Sample Effect 80 Example 5: Telling a Story 81 4 Commitment to Project Management 91 Information Security Culture Project Management 94 Brief Objective Statement 96 Type of Change 96 Proposed Start Date and End Date 96 Roles and Responsibilities 97 Project Name 100 Problem Statement 101 Solution Statement 101 Team Priority or Principle Supported 102 Project Scope 103 Project Description 103 Change Details and Impacts 104 Risks of Not Implementing This Project 104 Dependencies or Risks 104 Metrics/Success Measures 106 Major Deliverables and Deadlines 107 Required Budget 107 Information Security Resources Required 109 Other Resources Required 110 Example Application of the Project Management Methodology 110 Run-the-Business Activities PART III Decide What to Measure 5 Identify Core Competencies, Information Security Work, and Resourcing Options 121 Evaluating Security Core Competencies for Metrics Projects 122 Spectrum of Information Security Work 125 Sustain 126 Establish 129 Build 132 Leveraging the Outsourcing and Offshoring Models 134 Benefits 134 Concerns 135 How to Manage the Risk 136 Additional Recommendations 138

5 xiv Security Metrics: A Beginner's Guide 6 identify Targets 1*1 Revisiting Objectives of an Information Security Metrics Program 142 Identifying What's Important 143 Compliance 143 Highest Risk 145 Business-Enabling Security Practices 148 Identifying What's Broken 148 Process Improvement 149 Technology Improvement 150 Audit Findings 155 Identifying What's Basic 155 Identifying What Needs to Be Discussed 157 Identifying What's New 158 Technology Evaluations 158 Cloud Provider Metrics and Evaluations 159 PART IV Get Started 7 Define Project Objectives 163 Training for a Marathon 164 Mapping a Target to a Benefit 166 Defining the Objective of a Security Metrics Project 167 Objective Desired Direction 167 Metrics Project Distance 170 Metrics Project Timeline 170 Lessons Learned 171 Setting Baselines 172 Initial Buy-in from Stakeholders Define Your Priorities 177 A Real-World Prioritization Example 178 Why Is It Important to Prioritize? 180 Advantages of Effective Prioritization 181 Factors to Consider 182 Compliance 182 Risk Reduction 183 Threat Analysis 184 Alignment with Top Business Objectives 185 Specific Prioritization Factors for Security Metrics Projects 185 How to Prioritize 189 Prioritization Representations 189 Phase 1: Brainstorming and List Generation 189

6 Contents XV Phase 2: Top-Down Prioritization 190 Phase 3: Comprehensive Review 191 Phase 4: Draw the Line 192 Publication and Recurring Reviews Identify Key Messages and Key Audiences 195 Why Stakeholder Engagement Is Important 196 Stakeholder Engagement 197 What's This Person's Area of Responsibility? Why Is This Person Important to Information Security? 197 What's Valuable to This Key Stakeholder? 199 What Are Their Security Needs? 199 For What Purpose Do You Need Their Buy-In? What Do You Need Them to Approve? 199 What Information Do You Need from This Person? 200 Examples 200 Key Audience: Chief Executive Officer 200 Key Audience: Chief Financial Officer 202 Key Audience: Chief Risk Officer 203 Key Audience: Chief Technology Officer 205 Key Audience: Business Unit Leader 206 Key Audience: Chief Information Officer 207 Key Audience: Director of Physical Security 208 Key Audience: Director of Human Resources 210 Chapter Summary Obtain Buy-in from Stakeholders 215 What Is Buy-In and Why Do You Need It? 216 Preparing for a Buy-In Discussion with Stakeholders 217 Understanding Your Part 217 Understanding Your Stakeholders 221 The Steering Committee 223 Meeting, Explaining, Asking, Documenting 224 Documentation and Commitment 224 PART V Toolkit 11 Automation 229 Automation: Benefits 230 Automation: Workflow 231 Design: Hypothesize and Strategize 233 Collect: Extract, Cleanse, Transform, Merge, and Load Datasets 238

7 Security Metrics: A Beginner's Guide Calculate: Slice, Dice, and Model 244 Communicate: Visualize, Annotate, Publish 245 Orchestrate: Deploy, Schedule, Execute, and Coordinate Analysis Technologies and a Case Study 251 Automation: Technologies 252 Design 255 Collect 257 Calculate 259 Communicate 261 Orchestrate 263 Case Study 264 Spreadsheet Chaos 265 Homegrown Solution 267 Purpose-Built Product Solution 269 PART VI Creating the Best Environment for Healthy Metrics 13 Define a Communications Strategy 275 What Do You Want to Communicate? 276 Keep Your Message Consistent 277 Know Your Audience 279 Acquisitions 279 International Audience 280 Communicate Well 281 Information Security Is Complex: Visual Aids and Remote Technology 281 Media Training 282 Share More 283 Why Not Share? 283 A Few Good Reasons Why Sharing Helps More Than It Hurts 284 Communication Formats 285 The 1:1 285 The Committee 286 Additional Tips on Communicating Effectively Drive an Action Plan: The Importance of Project Management 289 Role of the Project Manager 290 Managing Change 291 Reporting 291 Meetings 293

8 Contents XVii Decision Making 293 Brief Objective Statement 294 Roles and Responsibilities 294 Problem Statement 296 Solution Statement 296 Team Priority or Principle Supported 297 Project Scope 297 Change Details and Impacts 298 Risks of Not Implementing This Project 298 Dependencies or Risks 298 Metrics and Success Measures 298 Major Deliverables and Deadlines 299 Budget 299 Information Security Resources 299 Reporting Formats 300 Status Reporting 300 PART VII Secret Sauce: Lessons Learned from an Enterprise Practitioner 15 Improving Data Quality and Presentation 305 Data Cleansing 307 Making Data Accurate 307 Making Data Complete 310 Making Data Consistent 310 Making Data Unambiguous 311 Reporting Data from Multiple Systems 311 Raw Data Generators 312 Ticketing Systems 312 Asset Management Systems 313 Consistent Meaning 314 Data, Processes, and People 314 Working with Stakeholders to Perform Data Cleansing 316 Fix the Process, and Then Automate 317 Don't Wait for Perfect Data Before Reporting Resourcing and Security Metrics Projects 321 Resourcing Options 323 Security Team Resourcing 324 Outsourcing to Obtain Metrics 325

9 XVlH Security Metrics: A Beginner's Guide Leveraging Politics and Competition 325 Metrics as Justification for More Resources 327 Incident Response Metrics 328 Security Consulting Metrics 329 Report Quickly 330 PART VIII Looking Forward 17 Security Metrics for Cloud Computing 335 Cloud Computing Defined 336 Characteristics 337 Service Models 337 Deployment Models 338 Cloud Business Drivers 340 PART IX The New Normal 342 Security Metrics vs. Cloud Security Metrics 344 Cloud Security Alliance 346 CSA Cloud Metrics Working Group Template 349 CSA Cloud Metrics Working Group Lifecycle 353 Final Thoughts 354 Appendix and Glossary Appendix Templates and Checklists 359 Chapter 1: The Three Benefits of a Security Metrics Program 360 Chapter 2: Best Practice Analysis 360 Chapter 5: Request for Proposal 361 Chapter 6: Metrics for High Risk Areas 361 Metrics for Process Improvement 362 Metrics for Security Technology 362 Metrics for Non-Security Technology 364 Metrics for What's Basic? 366 Metrics for New Technology 366 Chapter 7: Meeting with Stakeholders 367 Chapter 8: Basic Prioritization Questions 367 Risk Reduction Questions 368 Business Objective Alignment Questions 368 Chapter 9: Identifying Key Audiences and Key Messages 369 Stakeholder Analysis 369

10 Contents xix Examples of Key Audiences, Key Messages, and Security Metrics 370 Analysis: What Do You Need? 371 Chapter 17: Template for Completely and Unambiguously Defining a Metric 372 Glossary 375 Index 381

Delivery. Enterprise Software. Bringing Agility and Efficiency. Global Software Supply Chain. AAddison-Wesley. Alan W. Brown.

Delivery. Enterprise Software. Bringing Agility and Efficiency. Global Software Supply Chain. AAddison-Wesley. Alan W. Brown. Enterprise Software Delivery Bringing Agility and Efficiency Global Software Supply Chain to the Alan W. Brown AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto

More information

Manager's Guide to Crisis Management

Manager's Guide to Crisis Management A Briefcase Book Manager's Guide to Crisis Management Jonathan Bernstein with Bruce Bonafede Me Graw Hill McGraw-Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San

More information

Compensating the Sales Force

Compensating the Sales Force Compensating the Sales Force A Practical Guide to Designing Winning Sales Reward Programs Second Edition David J. Cichelli Me Graw Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan

More information

The Process. Improvement. Handbook. A Blueprint for Managing Change and. Increasing Organizational Performance. Tristan Boutros.

The Process. Improvement. Handbook. A Blueprint for Managing Change and. Increasing Organizational Performance. Tristan Boutros. The Process Improvement Handbook A Blueprint for Managing Change and Increasing Organizational Performance Tristan Boutros Tim Purdie Illustrations by Dustin Duffy Mc Graw Hill Education New York Chicago

More information

Building and Managing

Building and Managing ORACLE Oracle Press' Building and Managing a Cloud Using Oracle Enterprise Manager 12c Madhup Gulati Adeesh Fulay Sudip Datta Mc Graw Hill Education New York Chicago San Francisco Lisbon London Madrid

More information

Lean Supply Chain and Logistics Management

Lean Supply Chain and Logistics Management Lean Supply Chain and Logistics Management Paul Myerson Me Grauu Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto CONTENTS CHAPTER

More information

Tuning Tips & Techniques

Tuning Tips & Techniques ORACLE Oracle Press Oracle E-Business Suite 12 Tuning Tips & Techniques Richard Bingham Mc Graw Hill Education New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore

More information

Implementation & Administration

Implementation & Administration Microsoft SQL Server 2008 R2 Master Data Services: Implementation & Administration Tyler Graham Suzanne Selhorn Mc Grauu Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi

More information

Lean Supply Chain and Logistics Management Paul Myerson

Lean Supply Chain and Logistics Management Paul Myerson Lean Supply Chain and Logistics Management Paul Myerson New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto Contents Chapter 1 Chapter

More information

Manager's Guide to Performance Management

Manager's Guide to Performance Management A Ok Briefcase Book Manager's Guide to Performance Management Second Edition Robert Bacal Me Grain/ Hill McGraw-Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San

More information

Development Effort & Duration

Development Effort & Duration Practical Software Project Estimation: A Toolkit for Estimating Software Development Effort & Duration International Software Benchmarking Standards Group Compiled and edited by Peter R. Hill Mc Grauu

More information

for Hundreds of Ready-to-Use Phrases to Set the Stage for Productive Conversations, Meetings, and Events Meryl Runion with Diane Windingland

for Hundreds of Ready-to-Use Phrases to Set the Stage for Productive Conversations, Meetings, and Events Meryl Runion with Diane Windingland PERFECT PHRASES for Hundreds of Ready-to-Use Phrases to Set the Stage for Productive Conversations, Meetings, and Events Meryl Runion with Diane Windingland Mc Graw Hill New York Chicago San Francisco

More information

Master Data Management and Data Governance Second Edition

Master Data Management and Data Governance Second Edition Master Data Management and Data Governance Second Edition Alex Berson Larry Dubov Mc Grauu Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore

More information

PMP Project Management Professional Study Guide, Third Edition

PMP Project Management Professional Study Guide, Third Edition PMP Project Management Professional Study Guide, Third Edition Joseph Phillips McGraw-Hill is an independent entity from the Project Management Institute, Inc. and is not affiliated with the Project Management

More information

Contents. Assessing Social Media Security. Chapter! The Social Media Security Process 3

Contents. Assessing Social Media Security. Chapter! The Social Media Security Process 3 Securing the Clicks: Network Security in the Age of Social Media Gary Bahadur Jason I nasi Alex de Carvalho Mc ssr New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan

More information

Management. Oracle Fusion Middleware. 11 g Architecture and. Oracle Press ORACLE. Stephen Lee Gangadhar Konduri. Mc Grauu Hill.

Management. Oracle Fusion Middleware. 11 g Architecture and. Oracle Press ORACLE. Stephen Lee Gangadhar Konduri. Mc Grauu Hill. ORACLE Oracle Press Oracle Fusion Middleware 11 g Architecture and Management Reza Shafii Stephen Lee Gangadhar Konduri Mc Grauu Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan

More information

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker ALL ElNis ONE CEH Certified Ethical Hacker EXAM GUIDE Matt Walker Mc Grain/ New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto McGraw-Hill

More information

IMPROVEMENT THE PRACTITIONER'S GUIDE TO DATA QUALITY DAVID LOSHIN

IMPROVEMENT THE PRACTITIONER'S GUIDE TO DATA QUALITY DAVID LOSHIN i I I I THE PRACTITIONER'S GUIDE TO DATA QUALITY IMPROVEMENT DAVID LOSHIN ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann

More information

ux BEST PRACTICES How To Achieve More Impact With User Experience Helmut Degen and XiaoweiYuan With support of Nan Guo Graw

ux BEST PRACTICES How To Achieve More Impact With User Experience Helmut Degen and XiaoweiYuan With support of Nan Guo Graw ux BEST PRACTICES How To Achieve More Impact With User Experience Helmut Degen and XiaoweiYuan With support of Nan Guo Graw New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi

More information

Understanding the Pros and Cons of Combination Networks 7. Acknowledgments Introduction. Establishing the Numbers of Clients and Servers 4

Understanding the Pros and Cons of Combination Networks 7. Acknowledgments Introduction. Establishing the Numbers of Clients and Servers 4 Mac OS X System Administration GUY HART-DAVIS Mc Graw Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto Acknowledgments Introduction,

More information

ITS Project Management

ITS Project Management ITS Project Management Policy Contents I. POLICY STATEMENT II. REASON FOR POLICY III. SCOPE IV. AUDIENCE V. POLICY TEXT VI. PROCEDURES VII. RELATED INFORMATION VIII. DEFINITIONS IX. FREQUENTLY ASKED QUESTIONS

More information

Web Application Security

Web Application Security Web Application Security A Beginner's Guide Bryan Sullivan Vincent Liu Mc r New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto Contents

More information

C ONTENTS. Acknowledgments

C ONTENTS. Acknowledgments kincaidtoc.fm Page vii Friday, September 20, 2002 1:25 PM C ONTENTS Preface Acknowledgments xxi xxvii Part 1 CRM: Is It Right for Your Company? 1 Chapter 1 Commerce in the 21st Century 3 1.1 Understanding

More information

SharePoint 2010. Overview, Governance, and Planning. (^Rll^^fc^ i ip?"^biifiis:'iissiipi. Scott Jamison. Susan Hanley Mauro Cardarelli.

SharePoint 2010. Overview, Governance, and Planning. (^Rll^^fc^ i ip?^biifiis:'iissiipi. Scott Jamison. Susan Hanley Mauro Cardarelli. Ec,V$%fMM SharePoint 2010 i ip?"^biifiis:'iissiipi Overview, Governance, (^Rll^^fc^ and Planning Ipft^'" Scott Jamison Susan Hanley Mauro Cardarelli Upper Saddle River, NJ Boston Indianapolis San Francisco

More information

Security Information and

Security Information and Security Information and Event Management (SIEM) Implementation DAVID R. MILLER SHON HARRIS I ALLEN A. HARPER STEPHEN VANDYKE CHRIS BLASK Mc Graw Hill New York Chicago San Francisco Lisbon London Madrid

More information

Oracle JDeveloper 10g for Forms & PL/SQL

Oracle JDeveloper 10g for Forms & PL/SQL ORACLE Oracle Press Oracle JDeveloper 10g for Forms & PL/SQL Peter Koletzke Duncan Mills Me Graw Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore

More information

THE COMPLETE PROJECT MANAGEMENT METHODOLOGY AND TOOLKIT

THE COMPLETE PROJECT MANAGEMENT METHODOLOGY AND TOOLKIT THE COMPLETE PROJECT MANAGEMENT METHODOLOGY AND TOOLKIT GERARD M. HILL CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an informa business

More information

VISUALIZING DATA POWER VIEW. with MICROSOFT. Brian Larson. Mark Davis Dan English Paui Purington. Mc Grauu. Sydney Toronto

VISUALIZING DATA POWER VIEW. with MICROSOFT. Brian Larson. Mark Davis Dan English Paui Purington. Mc Grauu. Sydney Toronto VISUALIZING DATA with MICROSOFT POWER VIEW Brian Larson Mark Davis Dan English Paui Purington Mc Grauu New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore

More information

Integration in Practice

Integration in Practice ORACLe Oracle Press Hudson Continuous Integration in Practice Ed Burns and Winston Prakash Mc Graw Hill Education New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore

More information

Measuring Data Quality for Ongoing Improvement

Measuring Data Quality for Ongoing Improvement Measuring Data Quality for Ongoing Improvement A Data Quality Assessment Framework Laura Sebastian-Coleman ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE

More information

How to Implement Lean Manufacturing

How to Implement Lean Manufacturing How to Implement Lean Manufacturing Lonnie Wilson Me Graw Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto Contents Preface Acknowledgments

More information

Relationship marketing

Relationship marketing Relationship marketing WBIbliothek Exploring relational strategies in marketing FOURTH EDITION JOHN EGAN London South Bank University Financial Times Prentice Hall is an imprint of Harlow, England London

More information

Cloud Computing: A Practical Approach

Cloud Computing: A Practical Approach Cloud Computing: A Practical Approach Anthony T. Veite Toby J. Veite, Ph.D. Robert Elsenpeter Mc Graw Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul

More information

Electric Power Distribution

Electric Power Distribution Electric Power Distribution A S Pabla Consulting Engineer and Former Chief Engineer Punjab State Electricity Board McGraw-Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New

More information

Applications. Oracle WebCenter 11 g Handbook: Build Rich, Customizable Enterprise 2.0. Oracle Press ORACLE. Philipp Weckerle.

Applications. Oracle WebCenter 11 g Handbook: Build Rich, Customizable Enterprise 2.0. Oracle Press ORACLE. Philipp Weckerle. ORACLE Oracle Press Oracle WebCenter 11 g Handbook: Build Rich, Customizable Enterprise 2.0 Applications Frederic Desbiens Peter Moskovits Philipp Weckerle Mc Graw Hill New York Chicago San Francisco Lisbon

More information

SOFTWARE TESTING AS A SERVICE

SOFTWARE TESTING AS A SERVICE SOFTWARE TESTING AS A SERVICE ASHFAQUE AHMED (g) CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an informa business AN AUERBACH BOOK

More information

AGILE TESTING A PRACTICAL GUIDE FOR TESTERS AND AGILE TEAMS. TT r\ Addison-Wesley

AGILE TESTING A PRACTICAL GUIDE FOR TESTERS AND AGILE TEAMS. TT r\ Addison-Wesley AGILE TESTING A PRACTICAL GUIDE FOR TESTERS AND AGILE TEAMS Lisa Crispin Janet Gregory TT r\ Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich

More information

Workflow Administration of Windchill 10.2

Workflow Administration of Windchill 10.2 Workflow Administration of Windchill 10.2 Overview Course Code Course Length TRN-4339-T 2 Days In this course, you will learn about Windchill workflow features and how to design, configure, and test workflow

More information

Purchasing and Supply Chain Management

Purchasing and Supply Chain Management Eighth Edition Purchasing and Supply Chain Management KENNETH LYSONS MA, MEd, PhD, Dipl.PA, AcDip.Ed., DMS, FCIS, FCIPS, Flnst M, MILT BRIAN FARRINGTON BSc(Econ), MSc, PhD, FCIPS PEARSON Harlow, England

More information

Data Warehouse Design

Data Warehouse Design Data Warehouse Design Modern Principles and Methodologies Matteo Golfarelli Stefano Rizzi Translated by Claudio Pagliarani Mc Grauu Hill New York Chicago San Francisco Lisbon London Madrid Mexico City

More information

WebLogic Server 11g Administration Handbook

WebLogic Server 11g Administration Handbook ORACLE: Oracle Press Oracle WebLogic Server 11g Administration Handbook Sam R. Alapati Mc Graw Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore

More information

Financial Statement Analysis

Financial Statement Analysis Financial Statement Analysis Valuation Credit analysis Executive compensation Christian V. Petersen and Thomas Plenborg Financial Times Prentice Hall is an imprint of Harlow, England London New York Boston

More information

Networking. Sixth Edition. A Beginner's Guide BRUCE HALLBERG

Networking. Sixth Edition. A Beginner's Guide BRUCE HALLBERG Networking A Beginner's Guide Sixth Edition BRUCE HALLBERG Mc Graw Hill Education New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore Sydney Toronto Contents Acknowledgments

More information

October 7, 2011. Presented to. The PMI Washington DC Chapter. Pedro Agosto. Director of Client Services, XA Systems, LLC. pedro.agosto@xasystems.

October 7, 2011. Presented to. The PMI Washington DC Chapter. Pedro Agosto. Director of Client Services, XA Systems, LLC. pedro.agosto@xasystems. October 7, 2011 Presented to The PMI Washington DC Chapter By Pedro Agosto Director of Client Services, XA Systems, LLC pedro.agosto@xasystems.com Introduction Re-evaluating IT Services Today s Challenges

More information

Business Administration of Windchill PDMLink 10.0

Business Administration of Windchill PDMLink 10.0 Business Administration of Windchill PDMLink 10.0 Overview Course Code Course Length TRN-3160-T 3 Days After completing this course, you will be well prepared to set up and manage a basic Windchill PDMLink

More information

Risk Analysis and the Security Survey

Risk Analysis and the Security Survey Risk Analysis and the Security Survey Fourth Edition James F. Broder Eugene Tucker ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEWYORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Butterworth-Heinemann

More information

Measuring and. Communicating. Security's Value. A Compendium of Metrics. for Enterprise Protection

Measuring and. Communicating. Security's Value. A Compendium of Metrics. for Enterprise Protection Measuring and Communicating Security's Value A Compendium of Metrics for Enterprise Protection George Campbell AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE

More information

Computing. Federal Cloud. Service Providers. The Definitive Guide for Cloud. Matthew Metheny ELSEVIER. Syngress is NEWYORK OXFORD PARIS SAN DIEGO

Computing. Federal Cloud. Service Providers. The Definitive Guide for Cloud. Matthew Metheny ELSEVIER. Syngress is NEWYORK OXFORD PARIS SAN DIEGO Federal Cloud Computing The Definitive Guide for Cloud Service Providers Matthew Metheny ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEWYORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO

More information

Software Security. Building Security In. Gary McGraw. A Addison-Wesley

Software Security. Building Security In. Gary McGraw. A Addison-Wesley Software Security Building Security In Gary McGraw A Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney Tokyo Singapore

More information

Securing the Cloud. Cloud Computer Security Techniques and Tactics. Vic (J.R.) Winkler. Technical Editor Bill Meine ELSEVIER

Securing the Cloud. Cloud Computer Security Techniques and Tactics. Vic (J.R.) Winkler. Technical Editor Bill Meine ELSEVIER Securing the Cloud Cloud Computer Security Techniques and Tactics Vic (J.R.) Winkler Technical Editor Bill Meine ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

Big Data Analytics From Strategie Planning to Enterprise Integration with Tools, Techniques, NoSQL, and Graph

Big Data Analytics From Strategie Planning to Enterprise Integration with Tools, Techniques, NoSQL, and Graph Big Data Analytics From Strategie Planning to Enterprise Integration with Tools, Techniques, NoSQL, and Graph David Loshin ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN

More information

Contents. iii. ix xi xi xi xiii xiii xiii xiv xv xvi xvii xix

Contents. iii. ix xi xi xi xiii xiii xiii xiv xv xvi xvii xix What s New in Microsoft Office Project 2003 Getting Help Getting Help with This Book and Its CD-ROM Getting Help with Microsoft Office Project 2003 Using the Book s CD-ROM What s on the CD-ROM System Requirements

More information

Oracle Big Data Handbook

Oracle Big Data Handbook ORACLG Oracle Press Oracle Big Data Handbook Tom Plunkett Brian Macdonald Bruce Nelson Helen Sun Khader Mohiuddin Debra L. Harding David Segleau Gokula Mishra Mark F. Hornick Robert Stackowiak Keith Laker

More information

Customer Relationship Management

Customer Relationship Management Customer Relationship Management Concepts and Technologies Second edition Francis Buttle xlloillvlcjx. AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY

More information

ISE Northeast Executive Forum and Awards

ISE Northeast Executive Forum and Awards ISE Northeast Executive Forum and Awards October 3, 2013 Company Name: Project Name: Presenter: Presenter Title: University of Massachusetts Embracing a Security First Approach Larry Wilson Chief Information

More information

Introduction to Windchill Projectlink 10.2

Introduction to Windchill Projectlink 10.2 Introduction to Windchill Projectlink 10.2 Overview Course Code Course Length TRN-4270 1 Day In this course, you will learn how to participate in and manage projects using Windchill ProjectLink 10.2. Emphasis

More information

SOA Governance. Stephen G. Bennett, Clive Gee, Robert Laird, Co-authored and edited by Thomas Erl. Governing

SOA Governance. Stephen G. Bennett, Clive Gee, Robert Laird, Co-authored and edited by Thomas Erl. Governing SOA Governance Governing Shared Services On-Premise and in the Cloud Co-authored and edited by Thomas Erl Stephen G. Bennett, Clive Gee, Robert Laird, Anne Thomas Manes, Robert Schneider, Leo Shuster,

More information

CONTEMPORARY DIRECT & INTERACTIVE MARKETING

CONTEMPORARY DIRECT & INTERACTIVE MARKETING SECOND EDITION CONTEMPORARY DIRECT & INTERACTIVE MARKETING Lisa D. Spiller Christopher Newport University Martin Baier Boston Columbus Indianapolis New York San Francisco Upper Saddle River Amsterdam Cape

More information

Contents. Foreword. Acknowledgments Introduction

Contents. Foreword. Acknowledgments Introduction The Manager's Handbook for Corporate Security Establishing and Managing a Successful Assets Protection Program Dr. Gerald L Kovacich Edward P. Halibozek ilu TTERWORTH I N E M A N N An imprint of Elsevier

More information

Data Warehousing in the Age of Big Data

Data Warehousing in the Age of Big Data Data Warehousing in the Age of Big Data Krish Krishnan AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD * PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of Elsevier

More information

Study Guide. Professional vsphere 4. VCP VMware Certified. (ExamVCP4IO) Robert Schmidt. IVIC GratAf Hill

Study Guide. Professional vsphere 4. VCP VMware Certified. (ExamVCP4IO) Robert Schmidt. IVIC GratAf Hill VCP VMware Certified Professional vsphere 4 Study Guide (ExamVCP4IO) Robert Schmidt McGraw-Hill is an independent entity from VMware Inc. and is not affiliated with VMware Inc. in any manner.this study/training

More information

Winning the Hardware-Software Game

Winning the Hardware-Software Game Winning the Hardware-Software Game Using Game Theory to Optimize the Pace of New Technology Adoption Ruth D. Fisher PRENTICE Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal

More information

NEW ZEALAND FINANCIAL ACCOUNTING

NEW ZEALAND FINANCIAL ACCOUNTING J Q OOO####I i ' WWc #OOO####CI # «0O O0OQi###t i oi oo ###0 # i CRAIG DEEGAN / GRANT SAMKIN RMIT University University of Waikato NEW ZEALAND FINANCIAL ACCOUNTING The McGraw-Hill Companieii Sydney New

More information

How Leaders Improve Performance. in a Post-Lean Six Sigma World. Edward S. Pound Jeffrey H. Bell Mark L. Spearman. Mc Graw Education.

How Leaders Improve Performance. in a Post-Lean Six Sigma World. Edward S. Pound Jeffrey H. Bell Mark L. Spearman. Mc Graw Education. FACTORY PHYSICS FOR MANAGERS How Leaders Improve Performance in a Post-Lean Six Sigma World Edward S. Pound Jeffrey H. Bell Mark L. Spearman Mc Graw Education Hill New York Chicago San Francisco Athens

More information

Job Hazard Analysis. A Guide for Voluntary Compliance and Beyond. From Hazard to Risk: Transforming the JHA from a Tool to a Process

Job Hazard Analysis. A Guide for Voluntary Compliance and Beyond. From Hazard to Risk: Transforming the JHA from a Tool to a Process Job Hazard Analysis A Guide for Voluntary Compliance and Beyond From Hazard to Risk: Transforming the JHA from a Tool to a Process James E. Roughton Nathan Crutchfield E L S E V I E R AMSTERDAM. BOSTON.

More information

Implementing the Project Management Balanced Scorecard

Implementing the Project Management Balanced Scorecard Implementing the Project Management Balanced Scorecard Jessica Keyes CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an informa business

More information

Social Media Marketing

Social Media Marketing Social Media Marketing Tracy L. Tuten East Carolina University Michael R. Solomon The University of Manchester (U.K.) Saint Josephs University Boston Columbus Indianapolis New York San Francisco Upper

More information

MIKE COHN. Software Development Using Scrum. VAddison-Wesley. Upper Saddle River, NJ Boston Indianapolis San Francisco

MIKE COHN. Software Development Using Scrum. VAddison-Wesley. Upper Saddle River, NJ Boston Indianapolis San Francisco Software Development Using Scrum MIKE COHN VAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Cape Town Sydney Tokyo Singapore

More information

Public Relations in Schools

Public Relations in Schools Public Relations in Schools Fifth Edition Theodore J. Kowalski University of Dayton Boston Columbus Indianapolis New York San Francisco Upper Saddle River Amsterdam Cape Town Dubai London Madrid Milan

More information

Service Operations Management

Service Operations Management Third Edition Robert Johnston and Graham Clark Service Operations Management Improving Service Delivery Prentice Hall FINANCIAL TIMES An imprint of Pearson Education Harlow, England London New York Boston

More information

From Big Data to Big Profits SUCCESS WITH DATA AND ANALYTICS. Russell Walker OXFORD UNIVERSITY PRESS

From Big Data to Big Profits SUCCESS WITH DATA AND ANALYTICS. Russell Walker OXFORD UNIVERSITY PRESS From Big Data to Big Profits SUCCESS WITH DATA AND ANALYTICS Russell Walker OXFORD UNIVERSITY PRESS Contents Foreword xiii Preface xvii Acknowledgments xix Introduction xxi Definitions of Concepts and

More information

TABLE OF CONTENTS CHAPTER TITLE PAGE

TABLE OF CONTENTS CHAPTER TITLE PAGE viii TABLE OF CONTENTS CHAPTER TITLE PAGE TITLE PAGE DECLARATION DEDICATION ACKNOWLEDGEMENT ABSTRACT ABSTRAK TABLE OF CONTENTS LIST OF TABLES LIST OF FIGURES LIST OF APPENDICES I II III IV VI VII VIII

More information

Master Data Management

Master Data Management Master Data Management David Loshin AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO Ик^И V^ SAN FRANCISCO SINGAPORE SYDNEY TOKYO W*m k^ MORGAN KAUFMANN PUBLISHERS IS AN IMPRINT OF ELSEVIER

More information

Project Management Guidelines

Project Management Guidelines Project Management Guidelines 1. INTRODUCTION. This Appendix (Project Management Guidelines) sets forth the detailed Project Management Guidelines. 2. PROJECT MANAGEMENT PLAN POLICY AND GUIDELINES OVERVIEW.

More information

HAROLD CAMPING i ii iii iv v vi vii viii ix x xi xii 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52

More information

The Crossroads of Accounting & IT

The Crossroads of Accounting & IT The Crossroads of Accounting & IT Donna Kay, MBA, PhD, CPA, CITP Maryville University of Saint Louis Ali Ovlia, MS, DM Webster University Pearson Boston Columbus- Indianapolis New York San Francisco Upper

More information

SECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK. A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL

SECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK. A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL SECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is

More information

Cisco. A Beginner's Guide Fifth Edition ANTHONY T. VELTE TOBY J. VELTE. City Milan New Delhi Singapore Sydney Toronto. Mc Graw Hill Education

Cisco. A Beginner's Guide Fifth Edition ANTHONY T. VELTE TOBY J. VELTE. City Milan New Delhi Singapore Sydney Toronto. Mc Graw Hill Education Cisco A Beginner's Guide Fifth Edition ANTHONY T. VELTE TOBY J. VELTE Mc Graw Hill Education New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore Sydney Toronto Contents

More information

To learn more about this book, visit Microsoft Learning

To learn more about this book, visit Microsoft Learning To learn more about this book, visit Microsoft Learning http://www.microsoft.com/mspress/books/9804.aspx Table of Contents Acknowledgments..............................................................

More information

Building VPNs. Nam-Kee Tan. With IPSec and MPLS. McGraw-Hill CCIE #4307 S&

Building VPNs. Nam-Kee Tan. With IPSec and MPLS. McGraw-Hill CCIE #4307 S& Building VPNs With IPSec and MPLS Nam-Kee Tan CCIE #4307 S& -.jr."..- i McGraw-Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto

More information

Manager Development Solutions

Manager Development Solutions HR Leadership Council s Manager Development Solutions Assess. Plan. Develop. Monitor. If you re looking for a tool that you can easily implement while adding value to your leadership development process

More information

THE PROFESSIONAL RISK MANAGERS' GUIDE TO THE ENERGY MARKET

THE PROFESSIONAL RISK MANAGERS' GUIDE TO THE ENERGY MARKET THE PROFESSIONAL RISK MANAGERS' GUIDE TO THE ENERGY MARKET Edited by PETER C. FUSARO New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto

More information

RFID in the Supply Chain

RFID in the Supply Chain RFID in the Supply Chain Pedro M. Reyes Me Gram/ Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto Foreword Preface ix xi Part

More information

Delivery. Continuous. Jez Humble and David Farley. AAddison-Wesley. Upper Saddle River, NJ Boston Indianapolis San Francisco

Delivery. Continuous. Jez Humble and David Farley. AAddison-Wesley. Upper Saddle River, NJ Boston Indianapolis San Francisco Continuous Delivery Jez Humble and David Farley AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Cape Town Sydney Tokyo Singapore

More information

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent

More information

LINCOLNSHIRE COUNTY COUNCIL May 09. JEM Number: 4123

LINCOLNSHIRE COUNTY COUNCIL May 09. JEM Number: 4123 LINCOLNSHIRE COUNTY COUNCIL May 09 JOB DESCRIPTION DIRECTORATE: Development Division/Section/Branch: Service Development Service/Sub-Division: JOB TITLE: Highway Asset Manager JEM Number: 4123 GRADE: REPORTS

More information

RESILIENT. SECURE and SOFTWARE. Requirements, Test Cases, and Testing Methods. Mark S. Merkow and Lakshmikanth Raghavan. CRC Press

RESILIENT. SECURE and SOFTWARE. Requirements, Test Cases, and Testing Methods. Mark S. Merkow and Lakshmikanth Raghavan. CRC Press SECURE and RESILIENT SOFTWARE Requirements, Test Cases, and Testing Methods Mark S. Merkow and Lakshmikanth Raghavan CRC Press Taylor & Francis Group Boca Raton London New York CRC Press Is an imprint

More information

Introduction to Windchill PDMLink 10.0 for Heavy Users

Introduction to Windchill PDMLink 10.0 for Heavy Users Introduction to Windchill PDMLink 10.0 for Heavy Users Overview Course Code Course Length TRN-3146-T 2 Days In this course, you will learn how to complete the day-to-day functions that enable you to create

More information

INCIDENT RESPONSE & COMPUTER FORENSICS, SECOND EDITION

INCIDENT RESPONSE & COMPUTER FORENSICS, SECOND EDITION " - * INCIDENT RESPONSE & COMPUTER FORENSICS, SECOND EDITION CHRIS PROSISE KEVIN MANDIA McGraw-Hill /Osborne New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul

More information

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287

More information

O 0. Visiting Reader, Plymouth Business School, University of Plymouth

O 0. Visiting Reader, Plymouth Business School, University of Plymouth »: : 0JO.J8>J O)_(O) _( )_( )_«* Wo* oiox 5) (COO O 0 o Jim Blythe Visiting Reader, Plymouth Business School, University of Plymouth Phil Megicks University of Plymouth Financial Times Prentice Hall is

More information

Project Management Theory and Practice

Project Management Theory and Practice Project Management Theory and Practice Gary L. Richardson CRC Press Taylor& Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an informa business AN AUERBACH

More information

The Six Sigma Handbook

The Six Sigma Handbook The Six Sigma Handbook A Complete Guide for Green Belts, Black Belts, and Managers at All Levels Thomas Pyzdek Paul A. Keller Third Edition Me Graw Hill New York Chicago San Francisco Lisbon London Madrid

More information

REPORT. 2016 Outlook: Vulnerability Risk Management and Remediation Trends

REPORT. 2016 Outlook: Vulnerability Risk Management and Remediation Trends REPORT 2016 Outlook: Vulnerability Risk Management and Remediation Trends Table of Contents Executive Summary... 3 Current Trends in Vulnerability Risk Management... 4 Putting Management in Vulnerability

More information

Macroeconomics. Manfred Gartner. Prentice Hall THIRD EDITION. University of St Gallen, Switzerland. An imprint of Pearson Education

Macroeconomics. Manfred Gartner. Prentice Hall THIRD EDITION. University of St Gallen, Switzerland. An imprint of Pearson Education Macroeconomics THIRD EDITION Manfred Gartner University of St Gallen, Switzerland Prentice Hall FINANCIAL TIMES An imprint of Pearson Education Harlow, England London New York Boston San Francisco Toronto

More information

IT Manager's Handbook

IT Manager's Handbook IT Manager's Handbook Getting your new job done Third Edition Bill Holtsnider Brian D. Jaffe AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan

More information

Windchill PDMLink 10.2. Curriculum Guide

Windchill PDMLink 10.2. Curriculum Guide Windchill PDMLink 10.2 Curriculum Guide Live Classroom Curriculum Guide Update to Windchill PDMLink 10.2 from Windchill PDMLink 9.0/9.1 for the End User Introduction to Windchill PDMLink 10.2 for Light

More information

Business Architecture

Business Architecture Business Architecture A Practical Guide JONATHAN WHELAN and GRAHAM MEADEN GOWER Contents List of Figures List of Tables About the Authors Foreword Preface Acknowledgemen ts Abbreviations IX xi xiii xv

More information

HANDBOOK OF CORPORATE FINANCE

HANDBOOK OF CORPORATE FINANCE HANDBOOK OF CORPORATE FINANCE A business companion to financial markets, decisions & techniques 2nd edition Glen Arnold Financial Times Prentice Hall is an imprint of Harlow, England London New York Boston

More information

Schneps, Leila; Colmez, Coralie. Math on Trial : How Numbers Get Used and Abused in the Courtroom. New York, NY, USA: Basic Books, 2013. p i.

Schneps, Leila; Colmez, Coralie. Math on Trial : How Numbers Get Used and Abused in the Courtroom. New York, NY, USA: Basic Books, 2013. p i. New York, NY, USA: Basic Books, 2013. p i. http://site.ebrary.com/lib/mcgill/doc?id=10665296&ppg=2 New York, NY, USA: Basic Books, 2013. p ii. http://site.ebrary.com/lib/mcgill/doc?id=10665296&ppg=3 New

More information