Mini-Metricon 6.5

Mini-Metricon 6.5

March 8, 2012

Mini-Metricon 6.5 was a one-day event, Monday, February 27, 2012, co-located with the RSA Conference, in San Francisco, CA. This page contains a description of the event, presentations, and the original CFP.

Program #


  • Alessandro Acquisiti, CMU, The Value of Privacy

Human-in-the-loop Panel and Presentations

Lightning Talks and Lunch Break

Interactive Discussion

Data Mining Methods for Enterprise Level Security

Panel Chair: Scott Crawford, Enterprise Management Associates

Panel Members:


Program Committee #

Chair: Bryan Ware, Digital Sandbox, Inc.


  • Jennifer Bayuk,
  • Gretchen Brainard
  • Joel Brenner, Author “America the Vulnerable”
  • Dan Geer, In-Q-Tel
  • Mischel Kwon, MKA
  • Holly Ridgeway, USDOJ
  • John Streufert, US Dept. of State
  • Richard Struse, Dept. of Homeland Security

Original Call for Participation #

Through the cooperation of RSA, the workshop will be held at the University of San Francisco, within walking distance of the Moscone Center, the location of the RSA Conference, to be held during the same week. Mini-Metricon attendees are eligible for free RSA exhibit passes.

Like its predecessors, Mini-Metricon 6.5 is an informal workshop designed to facilitate exchange of new ideas as well as practical experience in using metrics to drive better security, compliance, and risk management. The day will be divided between open/moderated exchange and short presentations. Participants are expected to come prepared to actively interact as either presenters or active listeners (or both).

This year, the Program Committee would especially like to request presentations that discuss The Human in the Loop. We are soliciting papers that range from behavioral considerations that drive insider threats, to the use of social media for social engineering, to the ways that networks or software are exploited through human vulnerabilities.

If you would like to participate:

Due to space limitations, we are asking all who are interested in participating to send an email to In the email reques, please provide some information about who you are, your interest/experience with metrics, what metrics you can bring to discuss, and your preferred level of participation:

  • presenter, or
  • active audience participant.

Potential presenters must provide an abstract of 5 paragraphs or less that describes the nature of the metrics and metric results that you would like to present.

Submission of recent, previously published work as well as simultaneous submissions to multiple venues is acceptable if disclosed in your proposal.

Potential active audience participants should indicate your area(s) of specific interest.

Following past Metricon practice, preference will be given to those who respond to this CfP with actual work in progress that demonstrates the value of security metrics with respect to a security-related goal.

Visit for digests, presentations, and handouts from past Metricon Workshops.


To get invitations out well beforehand, we’d like all email submissions to be in-hand by January 2 and notifications are planned for January 15. However, we realize this is short notice and will hold a presentation slot or two to accommodate requests for invitation that come after January 2. These will be reviewed on first-come first serve until the program is full and/or the day of the event. Our goal is to send invitations to participate by January 15.

Important Dates

  • 2 Jan 2012 – Responses Due to this Call
  • 15 Jan 2012 – Notification of Acceptance
  • 27 Feb 2012 – Mini-Metricon 6.5 Workshop

Please feel free to contact the Program Chair Bryan Ware ( with any questions. Inquiries beyond administrative matters will be forwarded to the Committee.

comments powered by Disqus