Collection of Quantitative Data on Security Incidents

10 years 9 months ago
Collection of Quantitative Data on Security Incidents
Quantitative data about security threats is a precondition for a precise assessment of security risks and consequently for an efficient management of information security. Currently such data is hardly available, especially for small and medium-sized organizations. In this paper we discuss different ways of gathering quantitative data and present a new approach for the collection of historical data on security incidents. We propose a platform that collects, aggregates and evaluates data on security incidents from multiple organizations. We identify basic requirements for such a platform and show approaches for satisfying them. We especially emphasize the aspects of security and fairness. Finally we introduce a prototype that shows how an implementation could look like.
Thomas Nowey, Hannes Federrath
Added 03 Jun 2010
Updated 03 Jun 2010
Type Conference
Year 2007
Authors Thomas Nowey, Hannes Federrath
Comments (0)