Abstract
Enterprise networks have become essential to the operation of companies, laboratories, universities, and government agencies. As they continue to grow in both size and complexity, their security has become a critical concern. Vulnerabilities are regularly discovered in software applications and are exploited to stage cyber attacks. Currently, management of the security risk of an enterprise network is more an art than a science. System administrators operate by instinct and experience rather than relying on objective metrics to guide and justify decision making. Computer networks constitute the core component of information technology infrastructures in areas such as power grids, financial data systems, and emergency communication systems. Protection of these networks from malicious intrusions is critical to the economy and security of our nation. In this book we develop models and metrics that can be used to objectively assess the security risk in an enterprise network, and techniques for using such metrics to guide decision making in cyber defense.
Copyright information
© 2012 The Author(s)
About this chapter
Cite this chapter
Ou, X., Singhal, A. (2012). The Need for Quantifying Security. In: Quantitative Security Risk Assessment of Enterprise Networks. SpringerBriefs in Computer Science. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-1860-3_1
DOI: https://doi.org/10.1007/978-1-4614-1860-3_1
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-1859-7
Online ISBN: 978-1-4614-1860-3
eBook Packages: Computer Science, Computer Science (R0)