Cyber Metrics in the DoD, or: How Do We Know What We Don’t Know?

https://www.google.com/url?sa=i&url=https%3A%2F%2Fwww.gao.gov%2Fproducts%2Fgao-19-384&psig=AOvVaw0DEn4b45z2lC9j4I_GyYb7&ust=1625684893329000&source=images&cd=vfe&ved=0CAoQjRxqFwoTCLiSmaqSz_ECFQAAAAAdAAAAABAD

Presented: November 11, 2014 12:00 pm (ET)
Presented by: Dr. John Bay

The need and desire for metrics on cybersecurity has been a priority request from OSD leadership for ten years. When “cyber” became a quasi-official warfighting “domain” a decade ago, major programs of record were categorized as “cyber” programs. As such, the programs needed quantitative program parameters so that DoD leadership could track financial progress, technical performance, and capability milestones. Those program parameters, though, surpassed what the science and the state-of-the-art could provide. Eventually, the definition and standardization of workable cyber security metrics became a subject of study itself. This talk will summarize the speaker’s experience with DoD needs for cyber security metrics, the S&T communities suggestions, the current state of practice, and speculation on additional metrics for the future. In particular, metrics will be proposed that track capabilities, maturity, mission support, cost, and adversarial advantage.

Computer Icon

Host a Webinar with CSIAC

Are you interested in delivering a webinar presentation on your DoD research and engineering efforts?

Want to find out more about this topic?

Request a FREE Technical Inquiry!