Difference between revisions of "CISO AppSec Guide: References"

From OWASP
Jump to: navigation, search
Line 7: Line 7:
  
 
=== 2013 ===
 
=== 2013 ===
 +
*  Verizon 2013 Data Breach Investigation Report: http://www.verizonenterprise.com/DBIR/2013/
  
 +
* Security Innovation's The Current State of Application Security: https://www.securityinnovation.com/security-lab/our-research/current-state-of-application-security.html
  
 
=== 2012 ===
 
=== 2012 ===
Line 79: Line 81:
  
 
* Dan E Geer Economics and Strategies of Data Security: http://www.amazon.com/Economics-Strategies-Data-Security-DANIEL/dp/B001LZM1BY
 
* Dan E Geer Economics and Strategies of Data Security: http://www.amazon.com/Economics-Strategies-Data-Security-DANIEL/dp/B001LZM1BY
 
== NEEDS CATEGORIES ==
 
 
  
 
[[Category:OWASP_Application_Security_Guide_For_CISO_Project]]
 
[[Category:OWASP_Application_Security_Guide_For_CISO_Project]]

Revision as of 15:52, 23 October 2013

< Back to the Application Security Guide For CISOs

References

Metrics and Benchmarking

In order of report release date.

2013

2012

2011

2010

2009 and prior

Standards

Guidelines and Best Practices

Security Incidents and Data Breaches

Security Investments and Budgets

  • Gordon, L.A. and Loeb, M.P. “The economics of information security investment”, ACM Transactions on Information and Systems Security, Vol.5, No.4, pp.438-457, 2002.