In information technology, benchmarking of computer security requires measurements for comparing both different IT systems and single IT systems in dedicated situations. The technical approach is a pre-defined catalog of security events (security incident and vulnerability) together with corresponding formula for the calculation of security indicators that are accepted and comprehensive.
Information security indicators have been standardized by the ETSI Industrial Specification Group (ISG) ISI. These indicators provide the basis to switch from a qualitative to a quantitative culture in IT Security Scope of measurements: External and internal threats (attempt and success), user's deviant behaviours, nonconformities and/or vulnerabilities (software, configuration, behavioural, general security framework). In 2019 the ISG ISI terminated and related standards will be maintained via the ETSI TC CYBER.
The list of Information Security Indicators belongs to the ISI framework that consists of the following eight closely linked Work Items:
ISI Indicators (ISI-001-1[1] and Guide ISI-001-2[2]): A powerful way to assess security controls level of enforcement and effectiveness (+ benchmarking)
ISI Event Model (ISI-002[3]): A comprehensive security event classification model (taxonomy + representation)
ISI Maturity (ISI-003[4]): Necessary to assess the maturity level regarding overall SIEM capabilities (technology/people/process) and to weigh event detection results. Methodology complemented by ISI-005 (which is a more detailed and case-by-case approach)
ISI Guidelines for event detection implementation (ISI-004[5]): Demonstrate through examples how to produce indicators and how to detect the related events with various means and methods (with classification of use cases/symptoms)
ISI Event Stimulation (ISI-005[6]): Propose a way to produce security events and to test the effectiveness of existing detection means (for major types of events)
An ISI-compliant Measurement and Event Management Architecture for Cyber Security and Safety (ISI-006[7]): This work item focuses on designing a cybersecurity language to model threat intelligence information and enable detection tools interoperability.
ISI Guidelines for building and operating a secured SOC (ISI-007[8]): A set of requirements to build and operate a secured SOC (Security Operations Center) addressing technical, human and process aspects.
ISI Description of a whole organization-wide SIEM approach (ISI-008[9]): A whole SIEM (CERT/SOC based) approach positioning all ISI aspects and specifications.
Preliminary work on information security indicators have been done by the French Club R2GS. The first public set of the ISI standards (security indicators list and event model) have been released in April 2013.
^ETSI GS ISI 001-1 (V1.1.2): ISI Indicators Part 1; A full set of operational indicators for organizations to use to benchmark their security posture (2015-06) [1]
^ETSI GS ISI 001-2 (V1.1.2): ISI Indicators Part 2; Guide to select operational indicators based on the full set given in part 1 (2015-06) [2]
^ETSI GS ISI 002 (V1.2.1): ISI Event Model; A security event classification model and taxonomy (2015-11) [3]
^ETSI GS ISI 003 (V1.2.1): ISI Key Performance Security Indicators (KPSI) to evaluate the maturity of security event detection (2018-01) [4]
^ETSI GS ISI 005 (V1.1.1): ISI Guidelines for security event detection testing and assessment of detection effectiveness (2015-11) [6]
^ETSI GS ISI 006 (V1.1.1): An ISI-driven Measurement and Event Management Architecture (IMA) and CSlang - A Common ISI Semantics Specification Language (2019-02) [7]
^ETSI GS ISI 007 (V1.1.1): Guidelines for building and operating a secured
Security Operations Center (SOC) (2018-12) [8]
^ETSI GS ISI 008 (V1.1.1): Description of an Overall Organization-wide Security
Information and Event Management (SIEM) Approach (2018-06) [9]
and 26 Related for: Information security indicators information
comprehensive. Informationsecurityindicators have been standardized by the ETSI Industrial Specification Group (ISG) ISI. These indicators provide the...
Information securityindicatorsInformationsecurity management Informationsecurity standards Information technology Information technology security audit...
Securityinformation and event management (SIEM) is a field within the field of computer security, where software products and services combine security...
indicators are usually exchanged within the industry, where the Traffic Light Protocol is being used. AlienVault Mandiant Malware Malware Information...
Information sensitivity is the control of access to information or knowledge that might result in loss of an advantage or level of security if disclosed...
encompasses more than traditional records management. It incorporates informationsecurity and protection, compliance, data quality, data governance, electronic...
define security requirements, along with legislation (if applicable) and other contracts. These requirements can act as key performance indicators (KPIs)...
acknowledge the alarm event; this may deactivate some alarm indicators, whereas other indicators remain active until the alarm conditions are cleared. Alarm...
system for handling incoming indicators from Industry. Privacy advocates opposed a version of the Cybersecurity Information Sharing Act, passed by the Senate...
(WHO) For all Indicators under Targets 2.3 and 2.5, and for Indicators 2.a.1 and 2.c.1: Food and Agriculture Organization (FAO) Indicator 2.4.1: United...
Provide indicators for computer emergency response teams and incident response groups. There are three key elements that must be present for information or...
2023, four indexes have been released. The researchers use a total of 13 indicators, spanning from employment and education regulations to perceptions of...
The information ratio measures and compares the active return of an investment (e.g., a security or portfolio) compared to a benchmark index relative to...
indicators of American strategic moves. This phenomenon was described in detail by Mark M. Lowenthal, an expert on intelligence and national security...
The Security Industry Authority (SIA) is the statutory organisation responsible for regulating the private security industry in the UK. Established as...
the objective of food securityindicators and measurements is to capture some or all of the main components of food security in terms of food availability...
can provide threat indicators at higher semantic levels. There are two types of indicators: Indicator of compromise - An indicator of compromise (IOC)...
future trends is what technical indicators are designed to do, although neither technical nor fundamental indicators are perfect. Some traders use technical...
Governance Indicators project, developed by members of the World Bank and the World Bank Institute. The project reports aggregate and individual indicators for...
behavioral indicators, and pre-diagnostic medical data. It would leverage existing disease models, identify abnormal health early indicators, and mine...
suggestive of peacefulness. In 2017, 23 indicators were used to establish peacefulness scores for each country. The indicators were originally selected with the...
Retirement Security: Women Face Challenges in Ensuring Financial Security in Retirement Childstats.gov - America's Children: Key National Indicators of Well-Being...
and documentation for more effective threat intelligence, by sharing indicators of compromise. There are several organizations who run MISP instances...
The list of security hacking incidents covers important or noteworthy events in the history of security hacking and cracking. Magician and inventor Nevil...
targets and indicators provides a complete overview of all the targets and indicators for the 17 Sustainable Development Goals. The global indicator framework...
Global Information