Cyber Security Metrics and Measuring Vulnerability

  • Tuesday, 12 Aug 2014 3:00PM EDT (12 Aug 2014 19:00 UTC)
  • Speakers: Chandler Comerford, Dr. Andrew Woodward, Peter Hannay

The measurement of vulnerabilities is not binary. It is not a 0 (not patched) or a 1 (patched). Vulnerability analysis is the measurement of the resources required by attackers to compromise a network against the robustness of the network security infrastructure itself. Tracing attacks through the logical and physical network infrastructure and measuring the difficulty provides a determination of how easy or how hard a given attack is to conduct. Comparing the difficulty of an attack against the consequence of the attack provides the metrics to assess risk and allocate resources accordingly.

This training module will allow students to:

  • Measure the difficulty of the attack based on the current network infrastructure
  • Determine Risk