White paper introduces key metrics to measure threats, recover lost functionality in wake of attack
SEATTLE, Aug. 30, 2017 /PRNewswire/ — The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the release of Improving Metrics in Cyber Resiliency. Developed by a group of subject matter experts within the CSA community, the new white paper is designed to help enterprises develop metrics and processes to measure threats before they become cyberattacks and recover functionality lost in the wake of those attacks.
The paper also introduces two key metrics—Elapsed Time to Identify Failure (ETIF) and Elapsed Time to Identify Threat (ETIT)—and proposes that the responsibility for measuring and reporting each be transferred from companies whose systems encounter cyberattacks to those in the Intrusion Detection System (IDS) space. By doing so, researchers suggest that it would encourage the development of superior algorithms that are needed to detect anomalies and improve cyber resiliency. According to the Ponemon Institute, the average cost of a data breach for a U.S. company is in the neighborhood of $5.4 million and in 2014, in the U.S. alone, spending on cybersecurity reached more than $70 billion.
“It is our hope that this report will initiate discussion and eventually encourage competition within the intrusion detection system space,” said Dr. Senthil Arul, lead author of the document. “As more companies are storing operation assets away from local servers, it’s clear that we need to bolster asset resiliency in the cloud if we are to keep operational resiliency unaffected.”
Companies and individuals interested in supporting cyber resiliency as a CSA area of interest can contact firstname.lastname@example.org for more information.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa