Share
Nist 800-160: A Roadmap for 21st Century Systems Security Engineering Success
Mark A. Russo Cissp-Issap Itil V3
(Author)
·
Independently Published
· Paperback
Nist 800-160: A Roadmap for 21st Century Systems Security Engineering Success - Russo Cissp-Issap Itil V3, Mark A.
Choose the list to add your product or create one New List
✓ Product added successfully to the Wishlist.
Go to My Wishlists
Origin: U.S.A.
(Import costs included in the price)
It will be shipped from our warehouse between
Monday, June 03 and
Wednesday, June 19.
You will receive it anywhere in United Kingdom between 1 and 3 business days after shipment.
Synopsis "Nist 800-160: A Roadmap for 21st Century Systems Security Engineering Success"
NIST SP 800-160 AND SYSTEMS SECURITY ENGINEERING This is a 2021 re-release of the book focused on the balance between operations and security during the system development lifecycle. So why is secure system development so hard? It should not be difficult and should follow existing best practices that have been available for decades. It should follow the same path as normal software, hardware, or system development. At the core of the current break-down is the disconnect between security requirements, as formulated as a "security control," and the systems engineering process. Systems engineering is the foundation of all development efforts. It translates the sought general functionality into a technical specification. For example, a possible function for a modern-day tank is to fire a round for a "threshold" distance of 5 kilometers with and "objective" range of 6 kilometers. The Systems Engineer takes the base functional requirement of "shooting a high explosive round" to a specified and measurable distance. In the case of security, an example of a specified security control would state that all "data at rest be encrypted." The Systems Engineer would take this broad requirement and define it better with, for example, "employ a 256-bit AES symmetric encryption application." Unfortunately, this obvious connection typically does not occur-until the very end when the system is already built!NIST 800-160, Systems Security Engineering (SSE), provides the strategic overview of the SSE process; however, it fails to provide the pragmatic help and direction to users that desperately need better guidance than best practice suggestions. This is not a condemnation of NIST's excellent work in this area for years but is an unfortunate rebuke. NIST's works are too academic and strategic to be implemented by novice companies and agencies. This book is written to provide several major and minor tactical frameworks and approaches to include specifically the National Cybersecurity Framework (NCF) 1.1 and NIST 800-171 and 171A rev 1. It is designed to truly help businesses and agencies create a secure IT system, network, and environment.
- 0% (0)
- 0% (0)
- 0% (0)
- 0% (0)
- 0% (0)
All books in our catalog are Original.
The book is written in English.
The binding of this edition is Paperback.
✓ Producto agregado correctamente al carro, Ir a Pagar.
