Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 6 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations.
Reporting on the latest developments in information security and recent changes to the (ISC)2® CISSP Common Body of Knowledge (CBK®), this volume features new information on advanced persistent threats, HIPAA requirements, social networks, virtualization, and SOA. Its comprehensive coverage touches on all the key areas IT security professionals need to know, including:
Access Control: Technologies and administration including the requirements of current laws
Telecommunications and Network Security: Addressing the Internet, intranet, and extranet
Information Security and Risk Management: Organizational culture, preparing for a security audit, and the risks of social media
Application Security: Ever-present malware threats and building security into the development process
Security Architecture and Design: Principles of design including zones of trust
Cryptography: Elliptic curve cryptosystems, format-preserving encryption
Operations Security: Event analysis
Business Continuity and Disaster Recovery Planning: Business continuity in the cloud
Legal, Regulations, Compliance, and Investigation: Persistent threats and incident response in the virtual realm
Physical Security: Essential aspects of physical security
The ubiquitous nature of computers and networks will always provide the opportunity and means to do harm. This edition updates its popular predecessors with the information you need to address the vulnerabilities created by recent innovations such as cloud computing, mobile banking, digital wallets, and near-field communications. This handbook is also available on CD.