Distance metrics for evaluation progress in IT Security

Abstract:

The paper addressees the aspects of IT security and risks associated to different causes using a statistical approach in the attempt to profile the Romanian economy within the European Union (using a selection on indicators reported in their for the latest data available). The need to address the numerical measurement of such relations is driven from the evidence that there is a profound inference of the digital universe on business and professional life, impacting on the ability of organizations to manage effectively the IT risks associated to their regular activity.

In order for eenterprises to choose the proper approach aimed to raise the awareness of ICT security policy, the relevant risks should be evaluated and their level benchmarked to a reference – most of the time, the best practices elsewhere or even the average level of a commonly agreed measure play this role. The paper uses a technique used as a benchmark method for assessing performance in order to point out the distance of a certain subject ( in this case, Romanian economy) to the current state of other UE state members regarding several IT and ICT security indicators. The relevance of the topic starts from the increased interest of ICT professionals in security issues as organizations become increasingly concerned about the costs and risks of maintaining a reasonable level of information security.