"Carl S. Young, VP [and senior risk strategist at a major international corporation], has delivered a volume to make the technology bedrock of security more comprehensible. To justify any security measure, Young shows how risk management can be understood quantitatively. Thatâs important because so many workplace decisions on vulnerability are made after calculating risk metrics."--Security Letter, Vol. XL, No. 9 (September 2010) "â¦This author has a unique and useful perspective on an important and timely topic."-- Jon A. Schmidt, PE, BSCP, Director of Antiterrorism Services, Burns & McDonnell, Kansas City, MO.
"Dealing with security risks requires not only the wisdom and experience to assess threats, but also the scientific and technical knowledge to mitigate their risk. Carl Young's wide-ranging expertise in both these areas has been recognized and honored during his distinguished career in government and in the private sector, and informs this fascinating bookâ¦[T]his book will be valuable to security professionals as well as concerned citizens."--Prof Emeritus Sidney Drell, Deputy Director, Stanford Linear Accelerator Center (1969-1998).
"In the post 9/11 world we had to find cost effective, practical, risk-based, resilient solutions to immensely challenging issues. Carl Young was, and is, central to that work. He combines academic brilliance with practical, hands-on experience of delivering security solutions. This book is a synthesis of that work."--James A. King, CBE, Senior UK government security and counterterrorism advisor (1978-2008). Head of Security and Fraud, Lloyds Banking Group, UK.
"There is nobody in the field of security who surpasses Carl Young's experience and expertise. And now, for the benefit of us all, he has written Metrics and Methods for Security Risk Management. From the thoughtful layout of the chapters, to the clarity of his language and examples, Carl has given the gift of his experience as a scientist and hands-on professional with a talent for writing. This book provides direction and disciplined analysis essential for risk managers and security professionals serious about their work and their careers."--Ed Stroz, Co-president, Stroz Friedberg LLC, leading IT security and digital forensics consulting firm.