Security Effectiveness Framework Study
01.11.2014 Views
Share Embed Flag

Security Effectiveness Framework Study

Security Effectiveness Framework Study

Security Effectiveness Framework Study

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
csponomy

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

<strong>Security</strong> <strong>Effectiveness</strong> <strong>Framework</strong> study<br />

The following graphs report each one of the six effectiveness<br />

metrics in greater detail according to the six input<br />

variables.<br />

Figure 12 reports uptime. A comparison of best and<br />

worst case scenarios suggest uptime is influenced by<br />

security environment and governance variables and less<br />

by enabling technologies, controls and culture.<br />

Figure 13 reports compliance. Similar to Figure 12,<br />

security environment and governance have a more significant<br />

impact on compliance than enabling technologies or<br />

organisational culture.<br />

Figure 14 reports threat containment. Unlike the previous<br />

graphs, enabling technologies influence threat containment.<br />

Here, culture, governance and budget have only a<br />

nominal impact.<br />

Figure 15 reports cost efficiency. As shown, governance<br />

has the most significant influence and enabling technology,<br />

controls and culture have a nominal effect on cost<br />

efficiency.<br />

Figure 16 reports breach prevention. Similar to threat containment,<br />

this metric is significantly influenced by enabling<br />

technologies and controls, and less influenced by budget,<br />

governance and culture.<br />

Figure 17 reports policy enforcement. Clearly, governance<br />

and the security environment have the greatest impact on<br />

this effectiveness metric.<br />

Figure 12: Uptime<br />

Figure 15: Cost efficiency<br />

6.00<br />

4.00<br />

2.00<br />

6.00<br />

0.00<br />

4.00<br />

-2.00 6.00<br />

2.00<br />

-4.00<br />

0.00<br />

-6.00 2.00<br />

-2.00<br />

0.00<br />

-4.00<br />

-2.00<br />

-6.00<br />

-4.00<br />

-6.00<br />

5.00<br />

10.00<br />

-5.00<br />

10.00<br />

-10.00<br />

5.00<br />

-5.00<br />

0.00<br />

-10.00<br />

-5.00<br />

Culture<br />

<strong>Security</strong><br />

environment<br />

Enabling<br />

technologies<br />

Controls Governance Budget<br />

Worst case Illustration Best case<br />

<strong>Security</strong> Enabling Controls Governance Budget<br />

environment technologies<br />

<strong>Security</strong><br />

Worst case<br />

Enabling<br />

Illustration<br />

Controls Governance<br />

Best case<br />

Budget<br />

environment technologies<br />

Worst case Illustration Best case<br />

Figure 10.00 13: Compliance<br />

-10.00<br />

10.00<br />

8.00<br />

6.00<br />

4.00<br />

10.00<br />

2.00<br />

8.00<br />

0.00<br />

10.00 6.00<br />

-2.00<br />

4.00<br />

-4.00<br />

8.00<br />

2.00<br />

-6.00<br />

6.00<br />

0.00<br />

-8.00<br />

4.00<br />

-2.00<br />

-10.00<br />

-4.00 0.00<br />

-6.00 -2.00<br />

-8.00 -4.00<br />

-10.00 -6.00<br />

-8.00<br />

-10.00<br />

Culture<br />

Culture<br />

Culture<br />

Culture<br />

Culture<br />

Culture<br />

Culture<br />

Culture<br />

<strong>Security</strong><br />

environment<br />

Figure 14: Threat containment<br />

Enabling<br />

technologies<br />

Controls Governance Budget<br />

<strong>Security</strong> Worst case Enabling Illustration Controls Best Governance case Budget<br />

environment technologies<br />

<strong>Security</strong> Enabling Controls Governance Budget<br />

environment Worst case technologies Illustration Best case<br />

Worst case Illustration Best case<br />

<strong>Security</strong><br />

environment<br />

Enabling<br />

technologies<br />

Controls Governance Budget<br />

<strong>Security</strong> Worst case Enabling Illustration Controls Best Governance case Budget<br />

environment technologies<br />

<strong>Security</strong> Enabling Controls Governance Budget<br />

environment Worst case technologies Illustration Best case<br />

Worst case Illustration Best case<br />

6.00<br />

4.00<br />

2.00<br />

6.00<br />

0.00<br />

4.00<br />

-2.00<br />

2.00<br />

-4.00<br />

0.00<br />

-6.00<br />

-2.00<br />

-4.00<br />

-6.00<br />

2.00<br />

6.00<br />

0.00<br />

4.00<br />

-2.00 6.00<br />

2.00<br />

-4.00<br />

4.00<br />

0.00<br />

-2.00<br />

Culture<br />

<strong>Security</strong><br />

environment<br />

6.00<br />

Figure 16: Breach prevention<br />

4.00<br />

-4.00 0.00<br />

-2.00<br />

-4.00<br />

-6.00<br />

8.00<br />

6.00<br />

4.00<br />

2.00 8.00<br />

0.00 6.00<br />

-2.00 4.00<br />

-4.00 2.00 6.00<br />

-6.00 0.00 4.00<br />

-8.00 -2.00<br />

-4.00 0.00<br />

-6.00<br />

-2.00<br />

-8.00<br />

-4.00<br />

Culture<br />

Culture<br />

Culture<br />

Culture<br />

Culture<br />

Culture<br />

<strong>Security</strong><br />

environment<br />

Figure 17: Policy enforcement<br />

Culture<br />

<strong>Security</strong><br />

environment<br />

Enabling<br />

technologies<br />

Enabling<br />

technologies<br />

Enabling<br />

technologies<br />

Controls Governance Budget<br />

Worst case Illustration Best case<br />

<strong>Security</strong> Enabling Controls Governance Budget<br />

environment technologies<br />

Worst case Illustration Best case<br />

Controls Governance Budget<br />

Worst case Illustration Best case<br />

<strong>Security</strong> Enabling Controls Governance Budget<br />

environment technologies<br />

Worst case Illustration Best case<br />

<strong>Security</strong> Enabling Controls Governance Budget<br />

environment technologies<br />

Worst case Illustration Best case<br />

Controls Governance Budget<br />

Worst case Illustration Best case<br />

<strong>Security</strong> Enabling Controls Governance Budget<br />

environment technologies<br />

<strong>Security</strong> Enabling Controls Governance Budget<br />

environment Worst case technologies Illustration Best case<br />

Worst case Illustration Best case<br />

18<br />

Sponsored by: HP Information <strong>Security</strong> and Check Point Software -2.00Technologies Ltd.<br />

-4.00<br />

Ponemon Institute © Research Report & Instrument<br />

8.00<br />

6.00<br />

4.00<br />

2.00<br />

0.00<br />

-6.00<br />

-8.00<br />

Culture <strong>Security</strong> Enabling Controls Governance Budget

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!