What We Do
The CyberGreen Institute is active on many fronts. We provide a variety of capabilities and services that will help you improve your own cyber health. Contact us to learn more.
Cyber Health Measurement
The development and application of statistical methods to data allows for measurement of key indicators of malicious activity and risk conditions. These methods will provide analytical insight about patterns, priorities, and trends for action by the CERT/CSIRT community, and others.
Establishing accurate and comprehensive data sources will enable CyberGreen to produce valuable cyber health risk metrics. CyberGreen will continuously seek to identify and recruit the best possible data sources to service the measurement of global cyber health and risk conditions. We will evolve these sources as our understanding of cyber health and measurement advances, and serve as a trusted broker between emerging CERTs and data sources.
Providing a Clearing House for Mitigation
The primary means for CyberGreen to enable the mitigation of cyber health risks is through the development and operation of the CyberGreen Platform. The Platform provides a mechanism for gathering data for metrics, to drive mitigation practices, and to provide tools for conducting statistical analysis.
CyberGreen will identify partners in the developing world, and provide the necessary training for participation in recognized risk mitigation and cyber health improvement efforts. The uniqueness of this capacity-building program is not only in providing training, but also providing actual data and tools to support continuous cleanup and hygiene-raising operations. CyberGreen metrics can provide a scoreboard for the effectiveness of efforts in targeted regions, or of specific projects.
CyberGreen will also strive to engage the policy-making and media communities as active participants in pursuing cyber health. We are working with partners to initiate a public awareness campaign to ensure that governments, businesses, the media, and individuals recognize the value of a healthy cyber ecosystem.
We have developed the CyberGreen Statistics platform v.2, which features metrics-based measurement and visualizations as well as the ability to compare across countries and autonomous systems. You can access the platform by clicking on the title above.
CyberGreen Metrics position paper: Shades of Green [pdf]
An analysis by Dr. Dan Geer, CyberGreen stats special advisor, on the direction of CyberGreen’s metrics.
CyberGreen Platform v.2 system architecture overview and requirements [pdf]
Using lessons learned from v.1, along with end user expectations, an overview of the architecture for Platform v.2 and its requirements have been prepared by L. Aaron Kaplan and Dr. Rufus Pollock.
Be sure to check out our presentation archive.
Concept Paper [pdf]
We developed our original concept paper in 2014, which you can find by clicking on the title above. Visit our current program description to learn what we’re up to now.
Cybersecurity metrics, specifically for Cyber Health, have long suffered from a lack of statistical rigor. The origin of this omission is multi-fold, including issues in collection, the inability to cross-compare data, and a failure to apply normalization techniques. The absence of statistically meaningful cybersecurity metrics prevents the ability to compare organizations and efforts over time, and blocks an effective evaluation of cybersecurity investments.