Ciência_Iscte Publications Publication Detailed Description Export

Export Publication

The publication can be exported in the following formats: APA (American Psychological Association) reference format, IEEE (Institute of Electrical and Electronics Engineers) reference format, BibTeX and RIS.

Export Reference (APA)

Sherif, E., Yevseyeva, I., Basto-Fernandes, V. & Cook, A. (2024). The smart approach to selecting good cyber security metrics. Journal of Internet Services and Information Security. 14 (4), 312-330

Export Reference (IEEE)

E. Sherif et al.,  "The smart approach to selecting good cyber security metrics", in Journal of Internet Services and Information Security, vol. 14, no. 4, pp. 312-330, 2024

Export BibTeX

@article{sherif2024_1768314060980,
	author = "Sherif, E. and Yevseyeva, I. and Basto-Fernandes, V. and Cook, A.",
	title = "The smart approach to selecting good cyber security metrics",
	journal = "Journal of Internet Services and Information Security",
	year = "2024",
	volume = "14",
	number = "4",
	doi = "10.58346/JISIS.2024.I4.019",
	pages = "312-330",
	url = "https://jisis.org/"
}

Export RIS

TY  - JOUR
TI  - The smart approach to selecting good cyber security metrics
T2  - Journal of Internet Services and Information Security
VL  - 14
IS  - 4
AU  - Sherif, E.
AU  - Yevseyeva, I.
AU  - Basto-Fernandes, V.
AU  - Cook, A.
PY  - 2024
SP  - 312-330
SN  - 2182-2069
DO  - 10.58346/JISIS.2024.I4.019
UR  - https://jisis.org/
AB  - When it comes to the need to manage cyber security, identifying and utilizing good cyber security metrics is essential. This allows organizations to manage their cyber risk more effectively. However, the literature lacks consensus on the properties and characteristics of good metrics. Hence, the objectives of this work are to explore and identify relevant technical metrics proposed by researchers in the cyber security domain, and then to assess them against the SMART (Specific, Measurable, Actionable, Relevant, and Timely) criteria to determine their feasibility and improve the quality of the selected security metrics. We identified 105 metrics, of which 23 passed the SMART criteria. The resulting set of metrics can be considered as a feasible set of metrics to implement. Additionally, we identified additional criteria that may be considered when assessing security metrics, most of which can be regarded as variants of the SMART criteria except two, wherein the metrics should be inexpensive to gather and independently verifiable via an outside reference.
ER  -