| | |  | Computer Security | Home » » Assessing and Managing Security Risk in IT Systems: A Structured Methodology | | | | | | | Product Promotions: | | | | | Description: | | Assessing and Managing Security Risk in IT Systems: A Structured Methodology builds upon the original McCumber Cube model to offer proven processes that do not change, even as technology evolves. This book enables you to assess the security attributes of any information system and implement vastly improved security environments.
Part I delivers an overview of information systems security, providing historical perspectives and explaining how to determine the value of information. This section offers the basic underpinnings of information security and concludes with an overview of the risk management process.
Part II describes the McCumber Cube, providing the original paper from 1991 and detailing ways to accurately map information flow in computer and telecom systems. It also explains how to apply the methodology to individual system components and subsystems.
Part III serves as a resource for analysts and security practitioners who want access to more detailed information on technical vulnerabilities and risk assessment analytics. McCumber details how information extracted from this resource can be applied to his assessment processes. | | | Product Details: | | | Author:
| John McCumber | | Hardcover:
| 288 pages | | Publisher:
| Auerbach Publications | | Publication Date:
| June 15, 2004 | | Language:
| English | | ISBN:
| 0849322324 | | Product Length:
| 0.95 inches | | Product Width:
| 0.63 inches | | Product Height:
| 0.08 inches | | Product Weight:
| 1.19 pounds | | Package Length:
| 9.3 inches | | Package Width:
| 6.3 inches | | Package Height:
| 0.8 inches | | Package Weight:
| 1.0 pounds | | Average Customer Rating:
|  based on 2 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 2 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
4 of 5 found the following review helpful:
 Interesting but repetitiveSep 22, 2008
By I. Sfiligoi
The book essentially describes the McCumber Cube information security methodology.
And the McCumber Cube methodology is indeed interesting and worth the read.
Unfortunately, the author wrote around it a whole book!
In the first part the author describes the bases on the information security and relates it to the McCumber Cube (without really describing what the Cube is! Luckily, the hardcover has a picture of it.)
In the second part he dwelves in a little more detail of the McCumber Cube methodology, repeating again and again the same concepts, just with slight viewpoint variations.
Obviously his methodology is described as superior to any other methodology! While he makes a few good points, often he just states this without really comparing it to the other technologies.
Worth the read if you have time to spare... it indeed has a few interesting ideas and viewpoints.
If only they were expressed in a tenth of the space!
2 of 5 found the following review helpful:
 Fabulous!Apr 26, 2007
By Lara Denesia
I had John as my Info Sec professor for two classes. His insight in class has given me such a passion for InfoSec! I undoubtedly believe his book will do the same! If you can hear him lecture it will only drive your passion even more for the need for and drive towards info security! Anyone who is truly in need of the 'ah-ha' effect should buy this book!
| | |
|
