Assessing and Managing Security Risk in IT Systems: A Structured Methodology
John McCumber
The book essentially describes the McCumber Cube information security methodology.
And the McCumber Cube methodology is indeed interesting and worth the read.
Unfortunately, the author wrote around it a whole book!
In the first part the author describes the bases on the information security and relates it to the McCumber Cube (without really describing what the Cube is! Luckily, the hardcover has a picture of it.)
In the second part he dwelves in a little more detail of the McCumber Cube methodology, repeating again and again the same concepts, just with slight viewpoint variations.
Obviously his methodology is described as superior to any other methodology! While he makes a few good points, often he just states this without really comparing it to the other technologies.
Worth the read if you have time to spare... it indeed has a few interesting ideas and viewpoints.
If only they were expressed in a tenth of the space!
Ссылка удалена правообладателем
----
The book removed at the request of the copyright holder.