Metrics and Methods for Security Risk Management - 1st Edition - ISBN: 9781856179782, 9781856179799

Metrics and Methods for Security Risk Management

1st Edition

Authors: Carl Young
Paperback ISBN: 9781856179782
eBook ISBN: 9781856179799
Imprint: Syngress
Published Date: 8th July 2010
Page Count: 296

Key Features

    Offers an integrated approach to assessing security risk

    Addresses homeland security as well as IT and physical security issues

    Describes vital safeguards for ensuring true business continuity

    Readership

    Security managers with both IT security and physical security responsibilities; counterterrorism practitioners

    Table of Contents


    About the Author

    Foreword

    Preface

    Acknowledgments

    Part I The Structure of Security Risk

    Chapter 1 Security Threats and Risk

    1.1 Introduction to Security Risk or Tales of the Psychotic Squirrel and the Sociable Shark

    1.2 The Fundamental Expression of Security Risk

    1.3 Introduction to Security Risk Models and Security Risk Mitigation

    1.4 Summary

    Chapter 2 The Fundamentals of Security Risk Measurements

    2.1 Introduction

    2.2 Linearity and Non-linearity

    2.3 Exponents, Logarithms and Sensitivity to Change

    2.4 The Exponential Function e^x

    2.5 The Decibel (dB)

    2.6 Security Risk and the Concept of Scale

    2.7 Some Common Physical Models in Security Risk

    2.8 Visualizing Security Risk

    2.9 An Example: Guarding Costs

    2.10 Summary

    Chapter 3 Risk Measurements and Security Programs

    3.1 Introduction

    3.2 The Security Risk Assessment Process

    3.3 Managing Security Risk

    3.4 Security Risk Audits

    3.5 Security Risk Program Frameworks

    3.6 Summary

    Part II Measuring and Mitigating Security Risk

    Chapter 4 Measuring the Likelihood Component of Security Risk

    4.1 Introduction

    4.2 Likelihood or Potential for Risk?

    4.3 Estimating the Likelihood of Randomly Occurring Security Incidents

    4.4 Estimating The Potential for Biased Security Incidents

    4.5 Averages and Deviations

    4.6 Actuarial Approaches to Security Risk

    4.7 Randomness, Loss, and Expectation Value

    4.8 Financial Risk

    4.9 Summary

    Chapter 5 Measuring the Vulnerability Component of Security Risk

    5.1 Introduction

    5.2 Vulnerability to Information Loss through Unauthorized Signal Detection

    5.3 Vulnerability to Explosive Threats

    5.4 A Theory of Vulnerability to Computer Network Infections

    5.5 Biological, Chemical and Radiological Weapons

    5.6 The Visual Compromise of Information

    5.7 Summary

    Chapter 6 Mitigating Security Risk: Reducing Vulnerability

    6.1 Introduction

    6.2 Audible Signals

    6.3 Electromagnetic Signals

    6.4 Vehicle-borne Explosive Threats: Barriers and Bollards

    6.5 Explosive Threats

    6.6 Radiological Threats

    6.7 Biological Threats

    6.8 Mitigating the Risk of Chemical Threats (briefly noted)

    6.9 Guidelines on Reducing the Vulnerability to Non-Traditional Threats in Commercial Facilities

    6.10 Commercial Technical Surveillance Countermeasures (TSCM)

    6.11 Electromagnetic Pulse (EMP) Weapons

    6.12 Summary

    Epilogue

    Appendix A

    Appendix B

    Appendix C

    Appendix D

    Appendix E

    Appendix F

    Appendix G

    Appendix H

    Index




    Details

    No. of pages: 296
    Language: English
    Copyright: © Syngress 2010
    Published: 8th July 2010
    Imprint: Syngress
    eBook ISBN: 9781856179799
    Paperback ISBN: 9781856179782

    About the Author

    Carl Young

    Carl S. Young is a recognized subject matter expert in information and physical security risk management. He is currently a Managing Director and the Chief Security Officer at Stroz Friedberg, an international security risk consulting firm. He is the former Global Head of Physical Security Technology at Goldman Sachs as well as a former Senior Executive and Supervisory Special Agent at the FBI. He was also a consultant to the JASON Defense Advisory Group. Mr. Young is the author of Metrics and Methods for Security Risk Management (Syngress, 2010), and The Science and Technology of Counterterrorism (Butterworth-Heinemann, 2014) as well as numerous journal publications. In 1997 he was awarded the President’s Foreign Intelligence Advisory Board (PFIAB) James R. Killian Award by the White House for significant individual contributions to U.S. national security. Mr. Young received undergraduate and graduate degrees in mathematics and physics from the Massachusetts Institute of Technology.

    Affiliations and Expertise

    Managing Director and Chief Security Officer, Stroz Friedberg and Adjunct Professor, John Jay College, City University of New York, NY, USA

    Reviews

    "Carl S. Young, VP [and senior risk strategist at a major international corporation], has delivered a volume to make the technology bedrock of security more comprehensible. To justify any security measure, Young shows how risk management can be understood quantitatively. That’s important because so many workplace decisions on vulnerability are made after calculating risk metrics."--Security Letter, Vol. XL, No. 9 (September 2010)

    "…This author has a unique and useful perspective on an important and timely topic."--Jon A. Schmidt, PE, BSCP, Director of Antiterrorism Services, Burns & McDonnell, Kansas City, MO.

    "Dealing with security risks requires not only the wisdom and experience to assess threats, but also the scientific and technical knowledge to mitigate their risk. Carl Young's wide-ranging expertise in both these areas has been recognized and honored during his distinguished career in government and in the private sector, and informs this fascinating book…[T]his book will be valuable to security professionals as well as concerned citizens."--Prof Emeritus Sidney Drell, Deputy Director, Stanford Linear Accelerator Center (1969-1998).

    "In the post 9/11 world we had to find cost effective, practical, risk-based, resilient solutions to immensely challenging issues. Carl Young was, and is, central to that work. He combines academic brilliance with practical, hands-on experience of delivering security solutions. This book is a synthesis of that work."--James A. King, CBE, Senior UK government security and counterterrorism advisor (1978-2008). Head of Security and Fraud, Lloyds Banking Group, UK.

    "There is nobody in the field of security who surpasses Carl Young's experience and expertise. And now, for the benefit of us all, he has written Metrics and Methods for Security Risk Management. From the thoughtful layout of the chapters, to the clarity of his language and examples, Carl has given the gift of his experience as a scientist and hands-on professional with a talent for writing. This book provides direction and disciplined analysis essential for risk managers and security professionals serious about their work and their careers."--Ed Stroz, Co-president, Stroz Friedberg LLC, leading IT security and digital forensics consulting firm.