icon-carat-right menu search cmu-wordmark

Navigating the Security Practice Landscape

White Paper
In this paper, Julia Allen presents a summary of ten leading sources of security practice definition and implementation guidance.
Publisher

Software Engineering Institute

Abstract

This article presents a summary of ten leading sources of security practice definition and implementation guidance. It uses ISO 27002 as a foundation (given its international standard status and broad, installed base) and builds on and augments it with additional source material. A summary of publicly available CERT course materials is presented to aid in practice implementation. The content in this article can be used independently or in concert with the approaches described in the other articles in this content area.