Software Security Maturity Models: A Source Review
Jun 20, 2026 / · 6 min read · software security bsimm owasp samm isa-cmm secure development information assurance ·Software Security Maturity Models: A Source Review Building Security in Maturity Model (BSIMM) The Building Security in Maturity Model (BSIMM), is a guideline that outlines 113 activities organized into 12 different sections which assist in the software security framework. The document is broken into two parts. The …
Read MoreComparing BSIMM and SAMM Software Security Models
Jun 19, 2026 / · 31 min read · software security bsimm owasp samm capability maturity model information assurance secure development ·Comparing BSIMM and SAMM Software Security Models The role of the information assurance security program as described by Sadiku, Alam, & Musa (2017) is the practice of protecting and defending information systems by ensuring their availability, confidentiality, integrity, authentication, and non-repudiation. …
Read MoreApplying the ISA-CMM: A Cloud E-Store Case Study
Jun 18, 2026 / · 4 min read · isa-cmm information assurance cloud security aws security assessment capability maturity model ·Applying the ISA-CMM: A Cloud E-Store Case Study Company A (CA) is a major supplier of satellite imagery to commercial, federal and defense vertical markets. The organization launched an e-commerce website on the Internet or an estore enabling customers to navigate, review and purchase satellite imagery. This applied …
Read MoreSecurity Risk Assessment: Essential Reference Sources
Jun 17, 2026 / · 5 min read · security risk assessment risk analysis fair methodology information security risk management information assurance ·Security Risk Assessment: Essential Reference Sources Measuring and Managing Information Risk: A FAIR Approach This book assists the reader in understanding how to put to use the Factor Analysis of Information Risk (FAIR) methodology. The book consists of topics on measuring and managing information risk and provides …
Read MoreSecurity Risk Assessment: Planning and Key Metrics
Jun 6, 2026 / · 4 min read · security risk assessment security metrics risk analysis information assurance project planning information security ·Security Risk Assessment: Planning and Key Metrics The security assessment considerations as described by Landoll (2016), at a high level, includes six phases. The phases are the project definition, the project preparation, gathering the data, analyzing the risk, mitigation of risks and the recommendations or …
Read MoreSecurity Awareness Training and ISA Capability Maturity
Jun 5, 2026 / · 3 min read · security awareness information assurance security training isa-cmm security policy information security ·Security Awareness Training and ISA Capability Maturity Technology is constantly changing. Security technology is getting better and making jobs easier as described by Peltier (2013). Bad actors continue to cause issues no matter what new security is introduced. It is a constant cycle. Security awareness includes many …
Read MoreSecurity System Design: Building Defensible Systems
May 28, 2026 / · 4 min read · security design information assurance secure design principles osi model defense in depth ·Security System Design: Building Defensible Systems There are a number of fundamental security system design principals that may be incorporated into applications and systems to make them secure. The principals as described by Emerging Technology (2013) include minimizing the attack surface, least privilege, …
Read MoreRisk Analysis: The Core of Security Risk Assessment
May 25, 2026 / · 11 min read · risk analysis risk assessment information assurance information security critical thinking ·Risk Analysis: The Core of Security Risk Assessment While performing information security management many things need to be in place before information security management can start as Raggad (2010) points out. The organization has to be in agreement with an accepted business mission, strategic plan and a standardized …
Read MoreSix-Phase Information Assurance Risk Assessment Process
May 16, 2026 / · 7 min read · information assurance risk assessment security mitigation digitalglobe ·Six-Phase Information Assurance Risk Assessment Process The organization DigitalGlobe has been chosen for an abbreviated assessment. The paper will discuss the considerations for decreasing risk and mitigating assessed vulnerabilities. Information covered will be a summary of the assessed challenges in the information …
Read MoreInformation Assurance Capability Maturity Model Explained
May 15, 2026 / · 6 min read · information assurance capability maturity isa-cmm risk mitigation security ·Information Assurance Capability Maturity Model Explained The organization DigitalGlobe is the organization that has been chosen for an abbreviated assessment. The paper will discuss the considerations for decreasing risk and mitigating assessed vulnerabilities. Information covered will be a summary of the assessed …
Read More