local security talk

From: Sarah Mocas (sarah@private)
Date: Thu Nov 08 2001 - 15:03:45 PST

Next message: Ken Emmons: "RE: Scam"

Previous message: Shepherd, Chris: "RE: Scam"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Security lecture this Friday
 
 RESEARCHER PRESENTS SECURITY DESIGN COST BENEFIT
 ANALYSIS METHOD IN FRIDAY, NOV. 9 LECTURE
 
Conducting cost-benefit analyses of architectural attributes such 
as security have always been difficult, because the benefits are 
difficult to assess. Specialists usually make security decisions, 
but program managers are left wondering whether their investment 
in security is well spent. In this OCATE lecture on Friday, Nov. 9 
at 12:30 PM Shawn Butler from Carnegie Mellon University presents 
a cost-benefit analysis method called SAEM. The lecture, "Security 
attribute evaluation method: a cost benefit approach," will focus on a
 method that provides security engineers a way to compare alternative 
security designs. Empirical data from a financial and accounting system 
is used to illustrate the key components of SAEM.
 
The lecture will begin with a brief description of a multi-attribute 
risk assessment that results in a prioritized list of risks. Security 
practitioners estimate countermeasure benefits and how the organization's 
risks are reduced. Using SAEM, security design alternatives are compared 
with the organization's current selection of security technologies to
see if a more cost-effective solution is possible. The goal of using SAEM 
is to help convince information-system stakeholders that the security 
investment is consistent with the expected risks.
 
Shawn Butler is a Ph.D. candidate at Carnegie Mellon University where her 
research interest is economic analysis of software design decisions. 
Her thesis research examines how to conduct cost-benefit analysis in 
selecting security technologies. Prior to starting the Ph.D. program, 
Ms. Butler worked as a system engineer on several large military command
and control systems.
 
The lecture, November 9 at 12:30 PM, will be at OCATE in the CAPITAL 
Center, 18640 NW Walker Rd. at 185th Ave. in Beaverton. This is a 
"brown-bag lunch" event -- coffee and tea will be provided.  The lecture 
is cosponsored by the department of computer science at Portland State 
University. For additional information about the lecture visit
http://www.ocate.edu, e-mail info@private, or call 503-725-2200. 
OCATE lectures are free and open to the public.

Next message: Ken Emmons: "RE: Scam"
Previous message: Shepherd, Chris: "RE: Scam"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:30:53 PDT