10: MANAGING THE SECURITY LIFE CYCLE

INTRODUCTION

The McCumber Cube methodology is not a process that needs to be replicated on a recurring basis; it is a methodology to use in the assessment and design phases of the security program. It also can be employed as a tool for design and assessment of individual products and system components. Invoking the use of the methodology is also called for when the information systems environment is significantly modified or upgraded. In keeping with the understanding of this process as an information-centric model, you can determine if the McCumber Cube methodology needs to be used by looking for new information flows, changes in asset (information) valuation, and the acquisition of new technologies. However, ...

Get Assessing and Managing Security Risk in IT Systems now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Assessing and Managing Security Risk in IT Systems by John McCumber

10: MANAGING THE SECURITY LIFE CYCLE

INTRODUCTION

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly