Mini-Metricon 6.5 was a one-day event, Monday, February 27, 2012, co-located with the RSA Conference, in San Francisco, CA. This page contains a description of the event, presentations, and the original CFP.
- Alessandro Acquisiti, CMU, The Value of Privacy
Human-in-the-loop Panel and Presentations
- Bob Rudis and Albert Yin, Liberty Mutual — Using Peer Pressure to Improve Security KPIs
- Steve Kruse and Bill Pankey, RSA — Assessing User Awareness
- Bryan Ware, Digital Sandbox — Evaluating Pattern of Life Indicators to Prioritize Monitoring of Potential Insiders
Lightning Talks and Lunch Break
- Wade Baker, Verizon
- Matthew Fleming, HSI — Measuring Cybersecurity Information Sharing
- Steve Christey, MITRE
- Derek Gabbard, LookingGlass — Cyber Situational Awareness, or: Internets and Ecosystems and Traffic – Oh My!
- Mischel Kwon, MKA — Cyber Security Metrics
- John Streufert, DHS — Federal Continuous Monitoring Case Study: Department of State
- Jennifer Bayuk, SIT — Security Survey SME
- Andreq Jaquith, Perimeter E-Security — What We Can Learn from Everyday Metrics
Data Mining Methods for Enterprise Level Security
Panel Chair: Scott Crawford, Enterprise Management Associates
- Ed Bellis, Honeyapps
- Mark Clancy, DTCC
- Chris Eng, Veracode — State of Software Security Report
- Micha Govshteyn, Alert Logic — State of Cloud Security 2012 – Spring
- Martin McKeay, Akamai — The State of the Internet
- John Nye, SoundByte
- Andrew Jaquith, Perimeter E-Security — Best and Worst Data-Driven Security Reports of 2011
Chair: Bryan Ware, Digital Sandbox, Inc.
- Jennifer Bayuk, Bayuk.com
- Gretchen Brainard
- Joel Brenner, Author “America the Vulnerable”
- Dan Geer, In-Q-Tel
- Mischel Kwon, MKA
- Holly Ridgeway, USDOJ
- John Streufert, US Dept. of State
- Richard Struse, Dept. of Homeland Security
Original Call for Participation
Through the cooperation of RSA, the workshop will be held at the University of San Francisco, within walking distance of the Moscone Center, the location of the RSA Conference, to be held during the same week. Mini-Metricon attendees are eligible for free RSA exhibit passes.
Like its predecessors, Mini-Metricon 6.5 is an informal workshop designed to facilitate exchange of new ideas as well as practical experience in using metrics to drive better security, compliance, and risk management. The day will be divided between open/moderated exchange and short presentations. Participants are expected to come prepared to actively interact as either presenters or active listeners (or both).
This year, the Program Committee would especially like to request presentations that discuss The Human in the Loop. We are soliciting papers that range from behavioral considerations that drive insider threats, to the use of social media for social engineering, to the ways that networks or software are exploited through human vulnerabilities.
If you would like to participate:
Due to space limitations, we are asking all who are interested in participating to send an email to firstname.lastname@example.org. In the email reques, please provide some information about who you are, your interest/experience with metrics, what metrics you can bring to discuss, and your preferred level of participation:
- presenter, or
- active audience participant.
Potential presenters must provide an abstract of 5 paragraphs or less that describes the nature of the metrics and metric results that you would like to present.
Submission of recent, previously published work as well as simultaneous submissions to multiple venues is acceptable if disclosed in your proposal.
Potential active audience participants should indicate your area(s) of specific interest.
Following past Metricon practice, preference will be given to those who respond to this CfP with actual work in progress that demonstrates the value of security metrics with respect to a security-related goal.
Visit securitymetrics.org for digests, presentations, and handouts from past Metricon Workshops.
To get invitations out well beforehand, we’d like all email submissions to be in-hand by January 2 and notifications are planned for January 15. However, we realize this is short notice and will hold a presentation slot or two to accommodate requests for invitation that come after January 2. These will be reviewed on first-come first serve until the program is full and/or the day of the event. Our goal is to send invitations to participate by January 15.
- 2 Jan 2012 — Responses Due to this Call
- 15 Jan 2012 — Notification of Acceptance
- 27 Feb 2012 — Mini-Metricon 6.5 Workshop
Please feel free to contact the Program Chair Bryan Ware (
email@example.com) with any questions. Inquiries beyond administrative matters will be forwarded to the Committee.