[SC-L] informIT: nine things everybody does

Gary McGraw gem at cigital.com
Tue Feb 10 07:48:03 EST 2009


hi sc-l,

informIT just published my February column, once again co-authored by Brian Chess and Sammy Migues.  This is the third in the series of articles about the maturity model.  We have decided to call it the Building Security In Maturity Model (BSIMM).

The latest article covers 13 of the 110 activities in the model.  Of those 14, all nine of the organizations in our study did nine.  The other 4 are done by most organizations (but not all nine), and were added to ensure coverage of the Software Security Framework.

http://www.informit.com/articles/article.aspx?p=1326511

We will release the complete BSIMM model soon under a Creative Commons license.  Stay tuned for that!

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
podcast www.cigital.com/realitycheck
blog www.cigital.com/justiceleague
book www.swsec.com


