|
Public Dashboards: Overview |
|
The following public dashboards are available to all visitors to MetricsCenter. Each of these dashboards was created using standard MetricsCenter services. These services include facilities for ingesting and cleansing data, joining datasets from disparate sources, performing quantitative analysis and visualizing results in both static images and dynamic widgets.
Each dashboard is organizaed as a collection of tabbed pages. Each tabbed page is organized into cells arranged in rows and columns. Each cell holds one widget that visualizes metric results. Each widget can be unstructured text, static images, a flash graphic, or a custom html "page-let".
The following table provides a description and access to each dashboard. Click on either the Dashboard Title or a data source image to navigate to a dashboard.
Dashboard
|
Data Sources |
Description |
Sample Community Dashboard
|
Community Metric Results
|
The sample community dashboard displays standard widgets for both current distribution and longitudinal trends for selected metrics from the Center for Internet Security Consensus Metrics Project.
Note that public users are not logged-in and have not provided data, so the YouAreHere blue bar and blue trend-line will not appear in displayed active widgets.
|
Public Breaches
|
 |
The Public Breaches dashboard displays metric results derived from the DataLossDB that is maintained by the Open Security Foundation (OSF). Metric results include:
- BreachCount metrics aggregated by time (months, quarters), type of data lost, market segment, how the breach occurred, and whether the breach was performed inside or outside the organization.
- BreachImpact metrics based upon the number of affected individuals (Total Affected).
- Breach Gradient metrics that measure the change in BreachCount over time, again aggregated along selected dimensions such as Inside vs Outside.
- Correlation metrics that measure the interactions between various breach characteristics such as the breach type (how it was performed) and data lost(e.g credit cards, SSN's, etc)
|
| Vulnerabilities |
|
The Public Vulnerabilities dashboard displays metric results derived from two databases:
- The National Vulnerabilities Database (NVD) maintained by the National Institute of Scient and Technology (NIST)
- The Open Security Vulnerabilities Data Base (OSVDB) maintained by the Open Security Foundation (OSF)
Metric results include:
- Vendor scores designed to reflect the change over time of vulnerabilities released and discovered in commercial product
- Top 10 lists
- NIST Workload Factor, a metric for characterizing the aggregate workload imposed on data center operations by discovered vulnerabilities. Many metrics are derived from both of these data sources and compared.
|
Stock Price Impact
|
|
The Stock Price Impact dashboard displays metric results derived from two data sources:
- The DatalossDB from the Open Security Foundation
- Daily stock price historical data from the Google Finance website
A Company dataset was extracted from the DataLossDB by identifying all public companies with breaches that occurred starting in Jan 2006 to the present time. For each company in the Companies dataset, historical daily stock price data was obtained from the Google Finance website for a period starting 30 days before and 90 days after the breach. The following metric results were derived from this dataset:
- Stock Price Gradient metrics to characterize stock price movement (increasing, decreasing) before and after a breach date
- Market Gradient metrics to characterize market movement (increasing or decreasing) before and after a breach date.
- Oberved vs expected values for the number of companies whose stock proce movement was similar or difference to the market before and after a breach
- Visualization of results via an interactive stock price analysis dispaly
|
|
