tag:blogger.com,1999:blog-9126889845924473010.post4593873500426196843..comments2023-08-21T12:05:31.383+02:00Comments on Security Thoughts: Because Hackers Don't Care... (Why Metrics Don't Work)Allen Baranovhttp://www.blogger.com/profile/15266570478283454532noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-9126889845924473010.post-18527273996369568792008-06-03T06:52:00.000+02:002008-06-03T06:52:00.000+02:00The metrics are not lying, just the understanding ...The metrics are not lying, just the understanding of the quantitative methods used to determine them is lacking.<BR/><BR/>The methods and means of deteriming valid metrics are perception based and are not scientific. <BR/><BR/>There are many risk methodologies that are valid and which have been deployed in finance and operational engineering for decades. <BR/><BR/>Come on, even marketing is Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-9126889845924473010.post-92146798737429042882008-04-30T09:06:00.000+02:002008-04-30T09:06:00.000+02:00This is just a simple example and I'm sure a lot o...This is just a simple example and I'm sure a lot of InfoSec departments measure % machines with up to date virus signatures. <BR/><BR/>The fact is that 90% is better than 80% but 99% is not nearly as good as 100%.Anonymoushttps://www.blogger.com/profile/03852785044280265442noreply@blogger.comtag:blogger.com,1999:blog-9126889845924473010.post-20623220404701307922008-04-30T02:54:00.000+02:002008-04-30T02:54:00.000+02:00I look at this differently. To me, metrics are use...I look at this differently. To me, metrics are useful when the context is understood in a way that allows a story to be told.<BR/><BR/>In this case, the metrics seem to be flawed - but I would argue the wrong things are being measured. Stated differently, the challenge is knowing what to measure and how to find it.Unknownhttps://www.blogger.com/profile/13919644217461896016noreply@blogger.comtag:blogger.com,1999:blog-9126889845924473010.post-79591625996958173892008-04-30T01:07:00.000+02:002008-04-30T01:07:00.000+02:00I have had this happen to me once before. I got a ...I have had this happen to me once before. I got a virus even though I have up to date anti-virus software installed on my PC.<BR/><BR/>I caught the virus via a web page with malware on it.<BR/><BR/>I had to discover how to rid my machine of the virus manually. I found instructions online, but it took a while before I managed that feat.<BR/><BR/>The virus blocked my access to certain known Richard Cattohttps://www.blogger.com/profile/03143030488851675036noreply@blogger.comtag:blogger.com,1999:blog-9126889845924473010.post-84373709063937766102008-04-29T17:15:00.000+02:002008-04-29T17:15:00.000+02:00Metrics don't lie, they're just interpreted badly....Metrics don't lie, they're just interpreted badly.Unknownhttps://www.blogger.com/profile/13259421662913673571noreply@blogger.com