Information Security Indicators

Introduction

The threat from cyber attacks is growing and represents a significant risk to industry, which could include huge loss of intellectual property or of reputation.

Industry is focusing increasingly on security assurance. But a global reference framework is needed to provide a valid means of assessing an organization’s security status. The key issue is to define a full set of measurements – or security indicators – which would be shared widely.

This would enable organizations to assess themselves accurately and to benchmark their level of assurance and the effectiveness of their security measures. It could also lead to the emergence of commonly recognized and reliable statistics.

Our Role & Activities

Our Industry Specification Group on Information Security Indicators (ISG ISI) is producing specifications which together will form a reliable and commonly-recognized reference model for the measurement of information security risks.

We expect to complete our work in this area in 2015. Our earliest specifications are already being widely used across Europe, and have been adopted by some national information security agencies as a means of providing a shared method of classifying and notifying security events.

These specifications are expected to help enforce the forthcoming European Commission critical infrastructure directive and data protection legislation (the revision of the Data Protection Directive 95/46/EC).

Standards

The following is a list of the latest published ETSI standards on information security indicators.

A full list of related standards in the public domain is accessible via the ETSI standards search. Via this interface you can also subscribe for alerts on updates of ETSI standards.

For work in progress see the ETSI Work Programme on the Portal.

Standard No. Standard title.
GS ISI 005 Information Security Indicators (ISI); Guidelines for security event detection testing and assessment of detection effectiveness
GS ISI 002 Information Security Indicators (ISI); Event Model A security event classification model and taxonomy
GS ISI 001-1 Information Security Indicators (ISI); Indicators (INC); Part 1: A full set of operational indicators for organizations to use to benchmark their security posture
GS ISI 001-2 Information Security Indicators (ISI); Indicators (INC); Part 2: Guide to select operational indicators based on the full set given in part 1
GS ISI 003 Information Security Indicators (ISI); Key Performance Security Indicators (KPSI) to evaluate the maturity of security event detection
GS ISI 003 Information Security Indicators (ISI); Key Performance Security Indicators (KPSI) for the evaluation of maturity detection of security events
GS ISI 004 Information Security Indicators (ISI); Guidelines for event detection implementation
GS ISI 001-1 Information Security Indicators (ISI); Indicators (INC); Part 1: A full set of operational indicators for organizations to use to benchmark their security posture
GS ISI 001-2 Information Security Indicators (ISI); Indicators (INC); Part 2: Guide to select operational indicators based on the full set given in part 1
GS ISI 002 Information Security Indicators (ISI); Event Model A security event classification model and taxonomy