Scheduled System Maintenance:
Some services will be unavailable Sunday, March 29th through Monday, March 30th. We apologize for the inconvenience.
By Topic

Threat Modeling: Diving into the Deep End

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
4 Author(s)
Ingalsbe, J.A. ; Ford Motor Co., Dearborn ; Kunimatsu, L. ; Baeten, T. ; Mead, N.R.

Optimizing the working relationship between a company's IT security (ITS) group and its internal business customers is difficult at best. Who is responsible for security? What does "responsible" mean? For that matter, what does "security" mean? If ITS is solely responsible for security, as is often the case, then everything across the board will likely receive the same level of protection. In their defense, the members of ITS often don't know which asset means the most to the business, so the safest approach is to protect everything as much as possible.

Published in:

Software, IEEE  (Volume:25 ,  Issue: 1 )