Improving metrics in cyber resiliency
- Details
- Published: Friday, 08 September 2017 07:05
The Cloud Security Alliance (CSA) has announced the release of a new white paper designed to help enterprises develop metrics and processes to measure threats before they become cyberattacks and recover functionality lost in the wake of those attacks.
‘Improving metrics in cyber resiliency’ also introduces two key metrics: Elapsed Time to Identify Failure (ETIF) and Elapsed Time to Identify Threat (ETIT); and proposes that the responsibility for measuring and reporting each be transferred from companies whose systems encounter cyberattacks to those in the intrusion detection system space. By doing so, researchers suggest that it would encourage the development of superior algorithms that are needed to detect anomalies and improve cyber resiliency.
“It is our hope that this report will initiate discussion and eventually encourage competition within the intrusion detection system space,” said Dr. Senthil Arul, lead author of the document. “As more companies are storing operation assets away from local servers, it’s clear that we need to bolster asset resiliency in the cloud if we are to keep operational resiliency unaffected.”
Companies and individuals interested in supporting cyber resiliency as a CSA area of interest can contact research@cloudsecurityalliance.org for more information.
