All Posts

The Futility of Geographic Security Metrics

While I would not call this a trend, I have noticed that lots of security companies like to put together impressive-looking charts, graphs and reports that purport to compare various metrics by country. Here are two recent examples:

What do Security-Conscious People Choose?

At security conferences and events, I have noticed that the distribution of operating systems seems to differ somewhat from what I read in the papers. As my last post showed, the Internet Identity Workshop skewed decidedly in the Mac direction.

I thought it would be fun to put together a quick poll asking the members of the mailing what operating systems they used. I sent out a note asking the membership to respond to two simple questions:

Metrics from Internet Identity Workshop

This week, I am attending two security shows: the Internet Identity Workshop (IIW) in Mountain View, and the CardTech show in San Francisco. Both of these venues offer contrasting views of the portable identity market, an area I cover professionally for Yankee Group. As many people who know me can personally testify, I like to count things. Here a few statistics that will probably interest only me:

Microsoft Security Intelligence Report 2H06

This is essentially a forward reference to a comment I made to another blog, but as it is related to the nature of reporting for vulnerabilities and quantitative progress against them, perhaps it is relevant here.

More Praise for “Security Metrics”

The bloggiste at Layer 8 just declared Security Metrics to be “That Good”. I have no idea who shrdlu actually is. But whomever she is, she deserves a hearty thank-you and an offer of a beer should we ever meet in person. Here is a snippet of what she said:

Alex Hutton Likes “Security Metrics”

Alex Hutton was one of the editorial reviewers for several chapters of Security Metrics, and offered some excellent feedback during the writing stages. Now that the book has shipped, as a way of saying “thank-you” my publisher Addison-Wesley hooked him up with a copy.