Updated annually, the Information Security Management Handbook, Sixth
Edition, Volume 6 is the most comprehensive and up-to-date reference
available on information security and assurance. Bringing together the
knowledge, skills, techniques, and tools required of IT security
professionals, it facilitates the up-to-date understanding required to
stay one step ahead of evolving threats, standards, and regulations.
Reporting on the latest developments in information security and recent
changes to the (ISC)2(R) CISSP Common Body of Knowledge (CBK(R)), this
volume features new information on advanced persistent threats, HIPAA
requirements, social networks, virtualization, and SOA. Its
comprehensive coverage touches on all the key areas IT security
professionals need to know, including:
- Access Control: Technologies and administration including the
requirements of current laws
- Telecommunications and Network Security: Addressing the Internet,
intranet, and extranet
- Information Security and Risk Management: Organizational culture,
preparing for a security audit, and the risks of social media
- Application Security: Ever-present malware threats and building
security into the development process
- Security Architecture and Design: Principles of design including zones
of trust
- Cryptography: Elliptic curve cryptosystems, format-preserving
encryption
- Operations Security: Event analysis
- Business Continuity and Disaster Recovery Planning: Business
continuity in the cloud
- Legal, Regulations, Compliance, and Investigation: Persistent threats
and incident response in the virtual realm
- Physical Security: Essential aspects of physical security
The ubiquitous nature of computers and networks will always provide the
opportunity and means to do harm. This edition updates its popular
predecessors with the information you need to address the
vulnerabilities created by recent innovations such as cloud computing,
mobile banking, digital wallets, and near-field communications. This
handbook is also available on CD.