Model-Driven Security Engineering for Data Systems represents a structured methodology that integrates security into the early stages of system and database development. This approach leverages ...

The management of information risk has become a significant topic for all organizations, small and large alike. But for the large, multi-divisional organization, it poses the additional challenge of ...

The Information Security Program Maturity Model is a useful tool in understanding the degree of sophistication of information security processes, their reliability and effectiveness in identifying, ...

Fulfilling the risk management and regulatory compliance obligations with consistency in today’s vastly disparate and complex IT enterprise environments has challenged CIOs to rethink the approach to ...

At a recent seminar on information security management, I heard that FUD (fear, uncertainty and doubt) is dead, that ROI is dead and that the insurance model is dead. Information security needs to ...