Assessing And Managing Security Risk In It Systems
Download Assessing And Managing Security Risk In It Systems PDF/ePub or read online books in Mobi eBooks. Click Download or Read Online button to get Assessing And Managing Security Risk In It Systems book now. This website allows unlimited access to, at the time of writing, more than 1.5 million titles, including hundreds of thousands of titles in various foreign languages.
Assessing and Managing Security Risk in IT Systems
Assessing and Managing Security Risk in IT Systems: A Structured Methodology builds upon the original McCumber Cube model to offer proven processes that do not change, even as technology evolves. This book enables you to assess the security attributes of any information system and implement vastly improved security environments. Part I deliv
Assessing and Managing Security Risk in IT Systems
This book begins with an overview of information systems security, offering the basic underpinnings of information security and concluding with an analysis of risk management. Part II describes the McCumber Cube, providing the original paper from 1991 and detailing ways to accurately map information flow in computer and telecom systems. It also explains how to apply the methodology to individual system components and subsystems. Part III serves as a resource for analysts and security practitioners who want access to more detailed information on technical vulnerabilities and risk assessment analytics. McCumber details how information extracted from this resource can be applied to his assessment processes.
Security Risk Assessment and Management
Author: Betty E. Biringer
language: en
Publisher: John Wiley & Sons
Release Date: 2007-03-12
Proven set of best practices for security risk assessment and management, explained in plain English This guidebook sets forth a systematic, proven set of best practices for security risk assessment and management of buildings and their supporting infrastructures. These practices are all designed to optimize the security of workplace environments for occupants and to protect the interests of owners and other stakeholders. The methods set forth by the authors stem from their research at Sandia National Laboratories and their practical experience working with both government and private facilities. Following the authors' step-by-step methodology for performing a complete risk assessment, you learn to: Identify regional and site-specific threats that are likely and credible Evaluate the consequences of these threats, including loss of life and property, economic impact, as well as damage to symbolic value and public confidence Assess the effectiveness of physical and cyber security systems and determine site-specific vulnerabilities in the security system The authors further provide you with the analytical tools needed to determine whether to accept a calculated estimate of risk or to reduce the estimated risk to a level that meets your particular security needs. You then learn to implement a risk-reduction program through proven methods to upgrade security to protect against a malicious act and/or mitigate the consequences of the act. This comprehensive risk assessment and management approach has been used by various organizations, including the U.S. Bureau of Reclamation, the U.S. Army Corps of Engineers, the Bonneville Power Administration, and numerous private corporations, to assess and manage security risk at their national infrastructure facilities. With its plain-English presentation coupled with step-by-step procedures, flowcharts, worksheets, and checklists, you can easily implement the same proven approach and methods for your organization or clients. Additional forms and resources are available online at www.wiley.com/go/securityrisk.