Metrics for Measuring the Efficacy of Critical-Infrastructure-Centric Cybersecurity Information Sharing Efforts

57 Pages Posted: 17 Jan 2013

See all articles by Matthew Fleming

Matthew Fleming

Homeland Security Studies and Analysis Institute; Georgetown University

Eric Goldstein

Homeland Security Studies and Analysis Institute

Date Written: November 15, 2012

Abstract

Efforts to secure and defend public- and private-sector cyber systems rely in part on information sharing. Information sharing strengthens the nation’s cybersecurity posture by allowing participating entities to have the broadest possible understanding of the tactics, techniques, and procedures of cyber threat actors and the vulnerabilities of cyber systems. Armed with this understanding, cyber defenders can better deter, prevent, disrupt, and recover from malicious cyber activity. Cybersecurity information sharing occurs in various fora in the public and private sectors. Within the Department of Homeland Security, the Office of Cybersecurity and Communications (CS&C) facilitates the sharing of actionable raw indicators and finished analytic products among entities in critical infrastructure sectors and the federal government. To ensure that such critical-infrastructure-centric cybersecurity information sharing efforts succeed in their missions, CS&C asked the Homeland Security Studies and Analysis Institute to develop a holistic, theory-driven suite of performance-measurement metrics. Taken together, metrics within this suite can serve to suggest whether efforts are 1) functioning as anticipated; and 2) having the desired impact. This paper presents the suite of metrics and associated findings of the research, including its theoretical foundations. Guided by first principles and literature on information, information theory, decision theory, and uncertainty (as well as best practices in performance measurement), the paper recommends using a suite of metrics that measure various relevant inputs, processes, outputs, and outcomes of critical-infrastructure-centric cybersecurity information sharing efforts.

Suggested Citation

Fleming, Matthew and Goldstein, Eric, Metrics for Measuring the Efficacy of Critical-Infrastructure-Centric Cybersecurity Information Sharing Efforts (November 15, 2012). Available at SSRN: https://ssrn.com/abstract=2201033 or http://dx.doi.org/10.2139/ssrn.2201033

Matthew Fleming (Contact Author)

Homeland Security Studies and Analysis Institute ( email )

5275 Leesburg Pike
Suite N-5000
Falls Church, VA 22041
United States

Georgetown University

Washington, DC 20057
United States

Eric Goldstein

Homeland Security Studies and Analysis Institute ( email )

5275 Leesburg Pike
Suite N-5000
Falls Church, VA 22041
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
681
rank
36,317
Abstract Views
2,707
PlumX Metrics