Information Security Management Handbook, Volume 7: 6th Edition (Hardback) book cover

Information Security Management Handbook, Volume 7

6th Edition

Edited by Richard O'Hanley, James S. Tiller

Auerbach Publications

434 pages | 61 B/W Illus.

Purchasing Options:$ = USD
Hardback: 9781466567498
pub: 2013-08-29
$110.00
x
eBook (VitalSource) : 9780429099243
pub: 2013-08-29
from $28.98


FREE Standard Shipping!

Description

Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 7 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations.

Reporting on the latest developments in information security and recent changes to the (ISC) CISSP Common Body of Knowledge (CBK®), this volume features 27 new chapters on topics such as BYOD, IT consumerization, smart grids, security, and privacy.

  • Covers the fundamental knowledge, skills, techniques, and tools required by IT security professionals
  • Updates its bestselling predecessors with new developments in information security and the (ISC) CISSP® CBK®
  • Provides valuable insights from leaders in the field on the theory and practice of computer security technology
  • Facilitates the comprehensive and up-to-date understanding you need to stay fully informed

The ubiquitous nature of computers and networks will always provide the opportunity and means to do harm. This edition updates its popular predecessors with the information you need to address the vulnerabilities created by recent innovations such as cloud computing, mobile banking, digital wallets, and near-field communications. This handbook is also available on CD.

Table of Contents

Domain 1: TELECOMMUNICATIONS AND NETWORK SECURITY

Communications and Network Security

1. Securing the Grid; Terry Komperda

Network Attacks and Countermeasures

2. Attacks in Mobile Environments; Noureddine Boudriga

Domain 2: INFORMATION SECURITY GOVERNANCE AND RISK MANAGEMENT

Security Management Concepts and Principles

3. Security in the Cloud; Sandy Bacik

4. Getting the Best Out of Information Security Projects; Todd Fitzgerald

5. Mobility and Its Impact on Enterprise Security; Prashanth Venkatesh and Balaji Raghunathan

6. An Introduction to Digital Rights Management; Ashutosh Saxena and Ravi Sankar Veerubhotla

7. Information Security on the Cheap; Beau Woods

8. Organizational Behavior (Including Institutions) Can Cultivate Your Information Security Program; Robert K. Pittman, Jr.

9. Metrics for Monitoring; Sandy Bacik

Policies, Standards, Procedures, and Guidelines

10. Security Implications of Bring Your Own Device, IT Consumerization, and Managing User Choices; Sandy Bacik

11. Information Assurance: Open Research Questions and Future Directions; Seth J. Kinnett

Security Awareness Training

12. Protecting Us from Us: Human Firewall Vulnerability Assessments; Ken M. Shaurette and Tom Schleppenbach

Domain 3: APPLICATION DEVELOPMENT SECURITY

Application Issues

13. Service-Oriented Architecture; Walter B. Williams

Systems Development Controls

14. Managing the Security Testing Process; Anthony Meholic

15. Security and Resilience in the Software Development Life Cycle; Mark S. Merkow and Lakshmikanth Raghavan

Domain 4: CRYPTOGRAPHY

Cryptographic Concepts, Methodologies, and Practices

16. Cloud Cryptography; Jeff Stapleton

Domain 5: SECURITY ARCHITECTURE AND DESIGN

Principles of Security Models, Architectures, and Evaluation Criteria

17. Identity and Access Management Architecture; Jeff Crume

18. FedRAMP SM: Entry or Exit Ramp for Cloud Security?; Debra S. Herrmann

Domain 6: OPERATIONS SECURITY

Concepts

19. Data Storage and Network Security; Greg Schulz

Domain 7: LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATIONS

Information Law

20. National Patient Identifier and Patient Privacy in the Digital Era; Tim Godlove and Adrian Ball

21. Addressing Social Media Security and Privacy Challenges; Rebecca Herold

Investigations

22. What Is Digital Forensics and What Should You Know about It?; Greg Gogolin

23. eDiscovery; David G. Hill

24. Overview of the Steps of the Electronic Discovery Reference Model; David G. Hill

25. Cell Phone Protocols and Operating Systems; Eamon P. Doherty

Major Categories of Computer Crime

26. Hacktivism: The Whats, Whys, and Wherefores; Chris Hare

Compliance

27. PCI Compliance; Tyler Justin Speed

28. HIPAA /HITECH Compliance Overview

About the Editors

James S. Tiller, CISM, CISA, CISSP, is the Head of Security Consulting, Americas, HP Enterprise Security Services, Hewlett-Packard Company. Formerly Vice President of Security North America for BT Global Services, Jim has provided security solutions for global organizations for the past 20 years. He is the author of the following books published by Auerbach: CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits; Adaptive Security Management Architecture; and A Technical Guide to IPSec Virtual Private Networks.

Richard O'Hanley is the Publisher for Information and Communications Technology, Business, and Security at CRC Press. Mr. O'Hanley can be reached at rich.ohanley@taylorandfrancis.com

Subject Categories

BISAC Subject Codes/Headings:
COM032000
COMPUTERS / Information Technology
COM043000
COMPUTERS / Networking / General
COM053000
COMPUTERS / Security / General