Assessing and Managing Security Risk in IT Systems

A Structured Methodology

John McCumber (Symantec Corporation, Reston, Virginia, USA)

$147

Hardback

Not in-store but you can order this
How long will it take?

Availability Information

We source books from suppliers in Australia and overseas. For books we don't currently have in stock, the time it takes to get them from our suppliers can vary widely - from a few days to a few months - so we check each book with each supplier to determine the expected time it will take to be supplied to us.

We then advise you accordingly. If the time taken to get any book is too long for you, you can let us know and we will cancel or adjust your order, and refund as required.

To find out the anticipated arrival time for specific items prior to ordering, please contact us by phone or email:

Phone +61 2 9264 3111, or 1800 4 BOOKS (1800 4 26657) if outside Sydney:
option 1 Abbey's Bookshop (Crime, History, Science, Kids & more) • info@abbeys.com.au
option 2 Language Book Centre (ESL & Foreign Languages) • language@abbeys.com.au
option 3 Galaxy Bookshop (Sci-fi, Fantasy, Romance, Graphic Novels) • sf@galaxybooks.com.au

QTY:

English

Auerbach
12 August 2004

Computer security; Data encryption; Network management

Assessing and Managing Security Risk in IT Systems: A Structured Methodology builds upon the original McCumber Cube model to offer proven processes that do not change,

even as technology evolves. This book enables you to assess

the security attributes of any information system and implement vastly improved security environments.

Part I delivers an overview of information systems security, providing historical perspectives and explaining how to determine the value of information. This section offers the basic underpinnings of information security and concludes with an overview of the risk management process. Part II describes the McCumber Cube, providing the original paper from 1991 and detailing ways to accurately map information flow in computer and telecom

systems. It also explains how to apply the methodology to individual system components and subsystems.

Part III serves as a resource for analysts and security practitioners who want access to more detailed information on technical vulnerabilities and risk assessment analytics. McCumber details how information extracted from this resource can be applied to his assessment processes.

By: John McCumber (Symantec Corporation Reston Virginia USA)
Imprint: Auerbach
Country of Publication: United Kingdom
Dimensions: Height: 234mm, Width: 156mm, Spine: 21mm
Weight: 690g
ISBN: 9780849322327
ISBN 10: 0849322324
Pages: 288
Publication Date: 12 August 2004
Audience: Professional and scholarly , Undergraduate
Format: Hardback
Publisher's Status: Active

SECURITY CONCEPTS. Using models. Defining information security. Information as an asset. Understanding threat and its relation to vulnerabilities. Assessing risk variables: The risk assessment process. THE MCCUMBER CUBE METHODOLOGY. The McCumber Cube. Determining information states and mapping information flow. Decomposing the cube for security enforcement. Information state analysis for components and subsystems. Managing the security life cycle. Safeguard analysis. Practical applications of McCumber Cube Analysis. APPENDICES.

John McCumber