Assessing and Managing Security Risk in IT Systems
Regular price
€89.99
14 days return policy
Shipping & Delivery
A01=John McCumber
advanced risk analytics for information systems
asset
Author_John McCumber
Bell LaPadula Model
Business Process
Category=KNS
Category=UBL
Category=UR
Category=URY
Category=UTF
Category=UY
compliance management IT
controls
cube
cybersecurity risk assessment
data protection strategies
Effective Information Security Program
eq_bestseller
eq_business-finance-law
eq_computing
eq_isMigrated=1
eq_isMigrated=2
eq_nobargain
eq_non-fiction
information
Information Assets
information assurance frameworks
INFORMATION FLOW MAPPING
Information Infrastructures
Information Security
Information Security Life Cycle
Information Security Program
Information State Analysis
Information Systems Security
Information Systems Security Program
mccumber
McCumber Cube
Orange Book
policy
practitioner
program
Protection Profile
Remote Attackers
requirements
resource
Risk Management
secure system architecture
Security Practitioners
Security Program
Security Relevant Activities
Security Safeguards
Sensitive Information
Technical Safeguards
Technology Safeguards
Threat Vulnerability Pairs
vulnerability analysis methods
Product details
- ISBN 9780849322327
- Weight: 690g
- Dimensions: 156 x 234mm
- Publication Date: 12 Aug 2004
- Publisher: Taylor & Francis Ltd
- Publication City/Country: GB
- Product Form: Hardback
Secure
checkout
Fast Shipping
Easy returns
Assessing and Managing Security Risk in IT Systems: A Structured Methodology builds upon the original McCumber Cube model to offer proven processes that do not change, even as technology evolves. This book enables you to assess the security attributes of any information system and implement vastly improved security environments.
Part I delivers an overview of information systems security, providing historical perspectives and explaining how to determine the value of information. This section offers the basic underpinnings of information security and concludes with an overview of the risk management process.
Part II describes the McCumber Cube, providing the original paper from 1991 and detailing ways to accurately map information flow in computer and telecom systems. It also explains how to apply the methodology to individual system components and subsystems.
Part III serves as a resource for analysts and security practitioners who want access to more detailed information on technical vulnerabilities and risk assessment analytics. McCumber details how information extracted from this resource can be applied to his assessment processes.
