Rating:
(2 reviews)
Author: John McCumber
ISBN : 0849322324
New from $43.00
Format: PDF
Direct download links available Free Assessing and Managing Security Risk in IT Systems: A Structured Methodology from mediafire, rapishare, and mirror link
Assessing and Managing Security Risk in IT Systems: A Structured Methodology builds upon the original McCumber Cube model to offer proven processes that do not change, even as technology evolves. This book enables you to assess the security attributes of any information system and implement vastly improved security environments.
Part I delivers an overview of information systems security, providing historical perspectives and explaining how to determine the value of information. This section offers the basic underpinnings of information security and concludes with an overview of the risk management process.
Part II describes the McCumber Cube, providing the original paper from 1991 and detailing ways to accurately map information flow in computer and telecom systems. It also explains how to apply the methodology to individual system components and subsystems.
Part III serves as a resource for analysts and security practitioners who want access to more detailed information on technical vulnerabilities and risk assessment analytics. McCumber details how information extracted from this resource can be applied to his assessment processes.
Direct download links available for Free Assessing and Managing Security Risk in IT Systems: A Structured Methodology
- Hardcover: 288 pages
- Publisher: Auerbach Publications; 1 edition (June 15, 2004)
- Language: English
- ISBN-10: 0849322324
- ISBN-13: 978-0849322327
- Product Dimensions: 0.8 x 6.2 x 9.4 inches
- Shipping Weight: 1 pounds (View shipping rates and policies)
Free Assessing and Managing Security Risk in IT Systems: A Structured Methodology
The book essentially describes the McCumber Cube information security methodology.
And the McCumber Cube methodology is indeed interesting and worth the read.
Unfortunately, the author wrote around it a whole book!
In the first part the author describes the bases on the information security and relates it to the McCumber Cube (without really describing what the Cube is! Luckily, the hardcover has a picture of it.)
In the second part he dwelves in a little more detail of the McCumber Cube methodology, repeating again and again the same concepts, just with slight viewpoint variations.
Obviously his methodology is described as superior to any other methodology! While he makes a few good points, often he just states this without really comparing it to the other technologies.
Worth the read if you have time to spare... it indeed has a few interesting ideas and viewpoints.
If only they were expressed in a tenth of the space!
By I. Sfiligoi
I had John as my Info Sec professor for two classes. His insight in class has given me such a passion for InfoSec! I undoubtedly believe his book will do the same! If you can hear him lecture it will only drive your passion even more for the need for and drive towards info security! Anyone who is truly in need of the 'ah-ha' effect should buy this book!
By Lara Denesia