Managing Information Security Risks: The OCTAVE (SM) Approach: The OCTAVE Approach (SEI Series in Software Engineering) - Hardcover

Alberts, Christopher; Dorofee, Audrey

 
9780321118868: Managing Information Security Risks: The OCTAVE (SM) Approach: The OCTAVE Approach (SEI Series in Software Engineering)
Hardcover
ISBN 10: 0321118863 ISBN 13: 9780321118868
Verlag: Addison Wesley, 2002

Inhaltsangabe

This book is a descriptive and process-oriented book on a new security risk

evaluation method, OCTAVE. OCTAVE stands for Operationally Critical

Threat, Asset, and Vulnerability Evaluation(SM). An information security risk

evaluation helps organizations evaluate organizational practice, as well as the

installed technology base and to make decisions based on potential impact.

Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.

Über die Autorin bzw. den Autor

Christopher Alberts is a senior member of the technical staff in the Networked Systems Survivability Program at the Software Engineering Institute (SEI). He and Audrey Dorofee are the principal developers of OCTAVE. Before joining the SEI, Christopher was a scientist at Carnegie Mellon Research Institute, where he developed mobile robots for hazardous environments. He also worked at AT&T Bell Laboratories, where he designed information systems to support AT&T's advanced manufacturing processes.

Audrey Dorofee is a senior member of the technical staff in the Networked Systems Survivability Program at the Software Engineering Institute (SEI). She and Christopher Alberts are the principal developers of OCTAVE. Audrey previously was project lead for risk management in the Risk Program at the SEI. Prior to joining the SEI, she worked for the MITRE Corporation, supporting various projects for NASA, including Space Station software environments, user interfaces, and expert systems.



0321118863AB04152002

Von der hinteren Coverseite

Information security requires far more than the latest tool or technology. Organizations must understand exactly what they are trying to protect--and why--before selecting specific solutions. Security issues are complex and often are rooted in organizational and business concerns. A careful evaluation of security needs and risks in this broader context must precede any security implementation to insure that all the relevant, underlying problems are first uncovered.

The OCTAVE approach for self-directed security evaluations was developed at the influential CERT(R) Coordination Center. This approach is designed to help you:

  • Identify and rank key information assets
  • Weigh threats to those assets
  • Analyze vulnerabilities involving both technology and practices

OCTAVE(SM) enables any organization to develop security priorities based on the organization's particular business concerns. The approach provides a coherent framework for aligning security actions with overall objectives.

Managing Information Security Risks, written by the developers of OCTAVE, is the complete and authoritative guide to its principles and implementations. The book:

  • Provides a systematic way to evaluate and manage information security risks
  • Illustrates the implementation of self-directed evaluations
  • Shows how to tailor evaluation methods to different types of organizations

Special features of the book include:

  • A running example to illustrate important concepts and techniques
  • A convenient set of evaluation worksheets
  • A catalog of best practices to which organizations can compare their own



0321118863B05172002

„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.

Verlag
Addison Wesley
Erscheinungsdatum
2002
Sprache
Englisch
ISBN 10 
0321118863
ISBN 13 
9780321118868
Einband
Gebundene Ausgabe
Auflage
1
Anzahl der Seiten
520
Kontakt zum Hersteller
Nicht verfügbar
Verantwortliche Person
Nicht verfügbar