The McCumber Cube was introduced toward the beginning of the class and has continued to show up as we move through different topics, highlighting its usefulness in enterprise InfoSec. For this forum, I would like to see the McCumber Cube applied to an extent, to give everyone the opportunity to grasp this planning/assessment tool and use it to describe some aspect of enterprise InfoSec in your world. To accomplish this, I would like to organize this forum around the different 3-way intersections (cubes) between the CIA triad, the data states of storage/processing/transmission (SPT), and the interventions of policy/education/training (PET). Specifically, I would like for each 3-way intersection of the cube (e.g., Confidentiality-Storage-Policy; Integrity-Transmission-Technology; Availability-Processing-Education; etc.) to serve as an independent thread. Then, within the appropriate thread, I would like you to either 1) introduce (generally) what that particular 3-way goal/data/mechanism interaction looks like in your current or former (de-identified) organization or 2) introduce new and credible practitioner content (e.g., NIST, SANS, ISACA, etc.) on recommended best practices within that particular context. Follow-up posts should contribute new and/or reinforcing posts that also either draw on past experiences or original content. Please cite your sources if/when following the #2 approach to contributing.

The McCumber Cube is a planning and assessment tool that is widely used in enterprise Information Security (InfoSec) to understand and address the complexity of securing digital assets. It provides a framework that combines three important dimensions: the CIA triad, the data states of storage/processing/transmission (SPT), and the interventions of policy/education/training (PET). By examining the intersections of these dimensions, organizations can gain insights into their InfoSec practices and identify areas for improvement.

In this forum, we will explore the different 3-way intersections of the McCumber Cube. Each intersection represents a unique combination of a security goal from the CIA triad (Confidentiality, Integrity, Availability), a data state from the SPT (Storage, Processing, Transmission), and an intervention from the PET (Policy, Education, Training). To facilitate discussion, we will create separate threads for each intersection.

In each thread, participants are encouraged to share their perspectives and experiences related to the specific 3-way intersection. You have two options for contributing:

1) Share your experiences: Describe how a particular intersection, for example, Confidentiality-Storage-Policy, is addressed in your current or former organization. This should be a generalized description to maintain confidentiality. By sharing these real-world examples, participants can learn from each other’s experiences and gain insights into best practices.

2) Share credible practitioner content: Alternatively, you can introduce new and credible practitioner content, such as guidelines from NIST, SANS, ISACA, or other reputable sources. This content should provide recommended best practices for addressing the specific intersection being discussed. Make sure to cite your sources to support the credibility of the information you provide.

Follow-up posts should contribute new and/or reinforcing ideas, building upon the initial contributions. You can draw from your own experiences or provide additional practitioner content to further enrich the discussion. When sharing practitioner content, it is essential to cite the sources to ensure transparency and credibility.

By organizing the forum around the McCumber Cube, we aim to promote a deeper understanding of InfoSec planning and assessment. This forum provides an opportunity for participants to apply the concepts and principles of the cube to their own organizational contexts, learn from each other’s experiences, and explore best practices recommended by authoritative sources. Through collective knowledge-sharing, we can enhance our understanding of enterprise InfoSec and improve our overall security posture.

