SCOPUS 정보 검색 플랫폼

Security Risk Management: Building an Information Security Risk Management Program from the Ground Up

Volumn , Issue , 2011, Pages 1-340

Security Risk Management: Building an Information Security Risk Management Program from the Ground Up

(1) Wheeler, Evan a

a ARMED FORCES INSTITUTE OF PATHOLOGY (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 85088870550 PISSN: None EISSN: None Source Type: Book
DOI: 10.1016/C2010-0-64926-1 Document Type: Book

Times cited : (38)

References (39)

1
- 78649245486
- NIST 800-37, (accessed 29.12.09)
- Guide for Applying the Risk Management Framework to Federal Information Systems NIST 800-37, (accessed 29.12.09). http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37-rev1-final.pdf.
- Guide for Applying the Risk Management Framework to Federal Information Systems

2
- 85135435365
- Verizon Business, 2010 Data Breach Investigations Report. , 2010 (accessed 21.07.10).
- Verizon Business, 2010 Data Breach Investigations Report. , 2010 (accessed 21.07.10). http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf.

3
- 84856695926
- (accessed 06.03.10)
- Jones J. An Introduction to Factor Analysis of Information Risk (FAIR) (accessed 06.03.10). http://www.riskmanagementinsight.com/media/docs/FAIR_introduction.pdf.
- An Introduction to Factor Analysis of Information Risk (FAIR)
- Jones, J.¹

4
- 85135422666
- PCI Security Standards Council, (accessed 02.02.10)
- PCI Security Standards Council, (accessed 02.02.10). http://www.pcisecuritystandards.org.

5
- 84882310795
- (accessed 16.11.09)
- Standardized Information Gathering Questionnaire (SIG) (accessed 16.11.09). http://www.sharedassessments.org.
- Standardized Information Gathering Questionnaire (SIG)

6
- 54949148833
- (accessed 30.01.10)
- Investopedia (accessed 30.01.10). http://www.investopedia.com/terms/r/returnoninvestment.asp.
- Investopedia

7
- 84882317494
- The Great Debate: Security spending
- Parker D., Pols J. The Great Debate: Security spending. ISSA Magazine April 2008.
- (2008) ISSA Magazine
- Parker, D.¹ Pols, J.²

8
- 51049107864
- (accessed 30.01.10)
- A Complete Guide to the Common Vulnerability Scoring System, Version 2.0 (accessed 30.01.10). http://www.first.org/cvss/cvss-guide.html.
- A Complete Guide to the Common Vulnerability Scoring System, Version 2.0

9
- 85135429170
- Society of Information Risk Analysts (SIRA)., (accessed 05.01.11)
- Society of Information Risk Analysts (SIRA)., (accessed 05.01.11). http://www.societyinforisk.org.

10
- 84880250260
- (accessed 31.01.10)
- Privacy Rights Clearinghouse (accessed 31.01.10). http://www.privacyrights.org.
- Privacy Rights Clearinghouse

11
- 84882357008
- SANS Institute, (accessed 03.10.10)
- Building a Risk-Based Security Program in 10 Easy Steps SANS Institute, (accessed 03.10.10). http://www.sans.org/security-training/course_sums/1467.pdf.
- Building a Risk-Based Security Program in 10 Easy Steps

12
- 84882420890
- HTCIA New England Chapter Website, (no longer available)
- Computer Crimes Table HTCIA New England Chapter Website, (no longer available). http://www.htcia-ne.org.
- Computer Crimes Table

13
- 77952903083
- Verizon Business, (accessed 21.07.10)
- Data Breach Investigations Report Verizon Business, (accessed 21.07.10). http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf.
- Data Breach Investigations Report

14
- 3242808612
- Computer Security Institute, (access 02.12.10)
- CSI Computer Crime & Security Survey Computer Security Institute, (access 02.12.10). http://gocsi.com/survey.
- CSI Computer Crime & Security Survey

15
- 84882427604
- (accessed 19.01.11)
- Trustwave Global Security Report (accessed 19.01.11). https://www.trustwave.com/downloads/Trustwave_WP_Global_Security_Report_2011.pdf.
- Trustwave Global Security Report

16
- 84897768316
- Symantec, (accessed 01.04.10)
- Internet Security Threat Report Symantec, (accessed 01.04.10). http://www.symantec.com/business/theme.jsp?themeid=threatreport.
- Internet Security Threat Report

17
- 79951758149
- Sophos, (accessed 01.04.10)
- Security Threat Report Sophos, (accessed 01.04.10). http://www.sophos.com/sophos/docs/eng/papers/sophos-security-threat-report-jan-2010-wpna.pdf.
- Security Threat Report

18
- 84882298729
- Trend Micro, (accessed 09.12.10)
- Future Threat Report Trend Micro, (accessed 09.12.10). http://us.trendmicro.com/us/trendwatch/research-and-analysis/threat-reports/index.html.
- Future Threat Report

19
- 84907922541
- Arbor Networks, (accessed 01.02.11)
- Network Infrastructure Security Report Arbor Networks, (accessed 01.02.11). http://www.arbornetworks.com/report.
- Network Infrastructure Security Report

20
- 84882397980
- US-CERT Coordination Center, (accessed 30.01.11)
- Mailing Lists and Feeds US-CERT Coordination Center, (accessed 30.01.11). http://www.us-cert.gov/cas/signup.html.
- Mailing Lists and Feeds

21
- 84882313179
- SANS Internet Storm Center, (accessed 30.01.11)
- RSS/XML Data Feeds SANS Internet Storm Center, (accessed 30.01.11). http://isc.sans.edu/xml.html.
- RSS/XML Data Feeds

22
- 84882308931
- FBI InfraGard, (accessed 30.01.11)
- National Website FBI InfraGard, (accessed 30.01.11). http://www.infragard.net.
- National Website

23
- 84874507364
- Rapid7, (accessed 30.01.11)
- The Metasploit Project Rapid7, (accessed 30.01.11). http://www.metasploit.com.
- The Metasploit Project

24
- 85160624021
- Wiley, Hoboken, New Jersey
- Hubbard D. The Failure of Risk Management: Why It's Broken and How to Fix It 2009, Wiley, Hoboken, New Jersey.
- (2009) The Failure of Risk Management: Why It's Broken and How to Fix It
- Hubbard, D.¹

25
- 79952766850
- (accessed 19.06.09)
- Kienzle D.M., Elder M.C., Tyree D., Edwards-Hewitt J. Security Patterns Repository (accessed 19.06.09). http://www.scrypt.net/~celer/securitypatterns/repository.pdf.
- Security Patterns Repository
- Kienzle, D.M.¹ Elder, M.C.² Tyree, D.³ Edwards-Hewitt, J.⁴

26
- 50649102389
- Software Engineering Institute, (accessed 01.02.10)
- Caralli R.A., Stevens J.F., Young L.R., Wilson W.R. Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process 2007, Software Engineering Institute, (accessed 01.02.10). http://www.sei.cmu.edu/reports/07tr012.pdf.
- (2007) Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process
- Caralli, R.A.¹ Stevens, J.F.² Young, L.R.³ Wilson, W.R.⁴

27
- 33645604958
- (accessed 01.28.11)
- Open Source Security Testing Methodology Manual (accessed 01.28.11). http://www.isecom.org/osstmm.
- Open Source Security Testing Methodology Manual

28
- 70349408121
- SecTools.Org, (accessed 20.01.11)
- Top 100 Network Security Tools SecTools.Org, (accessed 20.01.11). http://sectools.org.
- Top 100 Network Security Tools

29
- 78649245486
- NIST 800-37, (accessed 29.12.09)
- Guide for Applying the Risk Management Framework to Federal Information Systems NIST 800-37, (accessed 29.12.09). http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37-rev1-final.pdf.
- Guide for Applying the Risk Management Framework to Federal Information Systems

30
- 85055233227
- Auerbach Publications, Boca Raton, FL
- Peltier T.R. Information Security Risk Analysis 2005, Auerbach Publications, Boca Raton, FL. second ed.
- (2005) Information Security Risk Analysis
- Peltier, T.R.¹

31
- 84882441409
- SANS Institute, (accessed 19.05.10)
- 20 Critical Security Controls for Effective Cyber Defense SANS Institute, (accessed 19.05.10). http://www.sans.org/critical-security-controls.
- 20 Critical Security Controls for Effective Cyber Defense

32
- 84882332200
- (accessed 02.02.11)
- BITS Standardized Information Gathering (SIG) questionnaire (accessed 02.02.11). http://www.sharedassessments.org.
- BITS Standardized Information Gathering (SIG) questionnaire

33
- 84882368958
- SANS Internet Storm Center, (accessed 30.01.11)
- Handler's Diary SANS Internet Storm Center, (accessed 30.01.11). http://isc.sans.edu/diary.html.
- Handler's Diary

34
- 85135429922
- Multi-State Information Sharing and Analysis Center (MS-ISAC), (accessed 20.01.11)
- Multi-State Information Sharing and Analysis Center (MS-ISAC), (accessed 20.01.11). http://www.msisac.org.

35
- 85135429586
- Risk Management Insight Web site, (accessed 06.03.10)
- Risk Management Insight Web site, (accessed 06.03.10). http://riskmanagementinsight.com.

36
- 85135422189
- NIST, (accessed 20.01.11)
- NIST, (accessed 20.01.11). http://csrc.nist.gov.

37
- 78649245486
- NIST 800-37, (accessed 29.12.09)
- Guide for Applying the Risk Management Framework to Federal Information Systems NIST 800-37, (accessed 29.12.09). http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37-rev1-final.pdf.
- Guide for Applying the Risk Management Framework to Federal Information Systems

38
- 85135430738
- NIST 800-53, Revision 3. Recommended Security Controls for Federal Information Systems and Organizations. (accessed 21.11.10).
- NIST 800-53, Revision 3. Recommended Security Controls for Federal Information Systems and Organizations. (accessed 21.11.10). http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final_updated-errata_05-01-2010.pdf.

39
- 85135422019
- The Risk IT Framework Excerpt
- (accessed 20.01.11)
- ISACA. The Risk IT Framework Excerpt. (accessed 20.01.11). http://www.isaca.org/Knowledge-Center/Research/Documents/RiskIT-FW-Excerpt-8Jan09.pdf.

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.