CIA Compliance Manager API Documentation - v1.0.1
    Preparing search index...

    Class SecurityMetricsService

    Service for security metrics and measurements

    This service provides quantitative metrics for security levels, enabling organizations to measure their security posture, track improvements over time, and quantify the impact of security investments through cost-benefit analysis and risk reduction calculations. 📊

    Hierarchy (View Summary)

    Index

    Constructors

    constructor

    Methods

    calculateRoi calculateSecurityScore getComponentDetails getComponentMetrics getComponentTechnicalMetrics getImpactMetrics getProtectionLevel getRiskBadgeVariant getRiskLevel getRiskLevelFromSecurityLevel getROIEstimates getSecurityIcon getSecurityLevelDescription getSecurityLevelFromValue getSecurityMetrics

    Constructors

    Methods

    • Calculate ROI metrics based on security level and implementation cost

      Computes return on investment (ROI) for security implementations by analyzing the expected returns for different security levels. Higher security levels typically yield better ROI through reduced incident costs and improved resilience.

      Parameters

      • securityLevel: SecurityLevel

        Selected security level to calculate ROI for

      • implementationCost: number

        Total cost of implementation in currency units (CAPEX + OPEX)

      Returns ROIMetrics

      ROI metrics including monetary value, percentage return, and description

      const service = new SecurityMetricsService(dataProvider);

      // Calculate ROI for High security level with $100,000 investment
      const roi = service.calculateRoi('High', 100000);
      console.log(roi.value);        // "$300,000"
      console.log(roi.percentage);   // "300%"
      console.log(roi.description);  // "Return on investment for High security level implementation"

      // No ROI for zero investment
      const noRoi = service.calculateRoi('High', 0);
      console.log(noRoi.value);      // "$0"

    • Get component-specific security metrics

      Provides detailed metrics for a single CIA component at a specific security level, including score, description, recommendations, and cost information. Useful for component-level analysis and detailed reporting.

      Parameters

      • component: CIAComponentType

        CIA component type ('availability', 'integrity', or 'confidentiality')

      • level: SecurityLevel

        Security level for the component

      Returns ComponentMetrics

      Component metrics with score, description, recommendations, and cost details

      const service = new SecurityMetricsService(dataProvider);

      // Get metrics for availability at High level
      const availMetrics = service.getComponentMetrics('availability', 'High');
      console.log(availMetrics.score);         // 75 (0-100 scale)
      console.log(availMetrics.level);         // "High"
      console.log(availMetrics.description);   // "High availability with 99.9% uptime"
      console.log(availMetrics.recommendations); // Array of improvement suggestions
      console.log(availMetrics.capex);         // Capital expenditure cost
      console.log(availMetrics.opex);          // Operational expenditure cost

      // Get metrics for integrity
      const integrityMetrics = service.getComponentMetrics('integrity', 'Very High');
      console.log(integrityMetrics.component); // "integrity"

    • Get appropriate UI badge variant for a risk level

      Parameters

      • riskLevel: string

        Risk level string (High, Medium, Low, etc.)

      Returns "success" | "info" | "warning" | "error" | "neutral"

      Badge variant name

    • Get risk level based on security score

      Parameters

      • score: number

        Security score (0-100)

      Returns string

      Risk level description

    • Get ROI estimates from the data provider

      Retrieves pre-configured return on investment estimates for all security levels. Each level has associated return rates, potential savings, and break-even periods based on industry research and historical data.

      Returns ROIEstimatesMap

      Map of ROI estimates keyed by security level (NONE, LOW, MODERATE, HIGH, VERY_HIGH)

      const service = new SecurityMetricsService(dataProvider);
      const estimates = service.getROIEstimates();

      console.log(estimates.HIGH.returnRate);        // "300%"
      console.log(estimates.HIGH.description);       // "High ROI with significant risk reduction"
      console.log(estimates.MODERATE.breakEvenPeriod); // "2 years"

    • Get comprehensive security metrics for selected security levels

      Calculates a complete security assessment including scores, costs, risk reduction, compliance metrics, and component-specific analysis. This is the primary method for obtaining a holistic view of security posture across all CIA triad components.

      Parameters

      • availabilityLevel: SecurityLevel

        Availability security level

      • integrityLevel: SecurityLevel = availabilityLevel

        Integrity security level (defaults to availabilityLevel if not provided)

      • confidentialityLevel: SecurityLevel = availabilityLevel

        Confidentiality security level (defaults to availabilityLevel if not provided)

      Returns SecurityMetrics

      Comprehensive security metrics object with scores, costs, and assessments

      const service = new SecurityMetricsService(dataProvider);

      // Get metrics for specific configuration
      const metrics = service.getSecurityMetrics('High', 'Very High', 'Moderate');
      console.log(metrics.overallScore);     // 75 (0-100 scale)
      console.log(metrics.totalCost);        // 450000 (total CAPEX + OPEX)
      console.log(metrics.riskReduction);    // "85%"
      console.log(metrics.securityMaturity); // "Advanced"

      // Use uniform level across all components
      const uniformMetrics = service.getSecurityMetrics('Moderate');
      console.log(uniformMetrics.availability.level);      // "Moderate"
      console.log(uniformMetrics.integrity.level);         // "Moderate"
      console.log(uniformMetrics.confidentiality.level);   // "Moderate"

      // Access component-specific metrics
      console.log(metrics.availability.score);           // Score for availability
      console.log(metrics.availability.recommendations); // Recommendations array

    Settings

    Member Visibility

    On This Page

    Analytics Perspective
    Constructors
    Methods