Taxonomy of cyber security metrics to measure strength of cyber security

Abstract

Cyber security is guarding computer systems, data, network and other resources from unauthorized access and malicious users. There are no direct methods of measuring strength of cyber security. As they say, “You can’t manage what you can’t measure”. One can easily track the efforts taken for security through cyber security metrics. Being a quantifiable measure, metric can be utilized in tracking the status of a specific process and assess its outcomes along with its strength. This work aims to provide taxonomy of cyber security metrics with five basic metrics, along with the tools under Multi Criteria Decision making approach can be used in evaluation of cyber security strength.