"The security and integrity of information systems is a critical issue
within most types of organizations. Finding better ways to address the
topic is the objective of many in industry, academia, and government.
One of the more effective approaches gaining popularity in addressing
these issues is the use of standard knowledge representations,
enumerations, exchange formats and languages, as well as sharing of
standard approaches to key compliance and conformance mandates. By
standardizing and segregating the interactions amongst their
operational, development and sustainment tools and processes
organizations gain great freedom in selecting technologies, solutions
and vendors. These "Making Security Measurable" initiatives provide the
foundation for answering today’s increased demands for accountability,
efficiency and interoperability without artificially constraining an
organization’s solution options."
http://measurablesecurity.mitre.org/list/index.html
No comments:
Post a Comment