Navigating the Security Practice Landscape

Abstract

This article presents a summary of ten leading sources of security practice definition and implementation guidance. It uses ISO 27002 as a foundation (given its international standard status and broad, installed base) and builds on and augments it with additional source material. A summary of publicly available CERT course materials is presented to aid in practice implementation. The content in this article can be used independently or in concert with the approaches described in the other articles in this content area.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 2006
Accession Number
AD1153806

Entities

People

  • Julia H. Allen

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • Application Software
  • Best Practices
  • Business Administration
  • Commerce
  • Computer Access Control
  • Computer Network Security
  • Computer Programming
  • Computers
  • Configuration Management
  • Detection
  • Engineering
  • Information Assurance
  • Information Security
  • Information Systems
  • Intrusion Detection
  • Knowledge Management
  • Management Personnel
  • Operating Systems
  • Organizational Structure
  • Risk Management
  • Security Personnel
  • Software Development
  • Standards
  • Students

Readers

  • Business Analytics
  • Defense Acquisition Program Management
  • Systems Analysis and Design