Information Security Management Handbook, Volume 6
6th Edition
Published on 19. April 2016
504 pages
978-1-4665-5910-3 (ISBN)
Description
Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 6 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay
Reviews / Votes
DOMAIN 1: ACCESS CONTROLAccess Control AdministrationWhat Business Associates Need to Know About Protected Health Information Under HIPAA and HITECH; Rebecca Herold
DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY
Internet, Intranet, Extranet SecurityE-mail Security; Terence Fernandes
DOMAIN 3: INFORMATION SECURITY AND RISK MANAGEMENT
Security Management Concepts and PrinciplesAppreciating Organizational Behavior and Institutions to Solidify Your Information Security Program; Robert Pittman
Risk ManagementThe Information Security Auditors Have Arrived, Now What?; Todd FitzgeraldContinuous Monitoring: Extremely Valuable to Deploy Within Reason; Foster J. Henderson and Mark A. PodrackySocial Networking; Sandy BacikInsider Threat Defense; Sandy BacikRisk Management in Public Key Certificate Applications; Alex GolodServer Virtualization: Information Security Considerations; Thomas A. Johnson
Security Management PlanningSecurity Requirements Analysis; Sean M. PriceCERT Resilience Management Model: An Overview; Bonnie A. Goins Pilewski and Christopher PilewskiManaging Bluetooth Security; E. Eugene Schultz, Matthew W. A. Pemble, and Wendy Goucher
Employment Policies and PracticesSlash and Burn: In Times of Recession, Do Not Let Emotions Drive Business Decisions; Seth KinnettA "Zero Trust" Model for Security; Ken Shaurette and Thomas J. Schleppenbach
DOMAIN 4: APPLICATION DEVELOPMENT SECURITY
System Development ControlsApplication Whitelisting; Georges JahchanDesign of Information Security for Large System Development Projects; James C. MurphyBuilding Application Security Testing into the Software Development Life Cycle; Sandy Bacik
Malicious CodeTwenty-Five (or Forty) Years of Malware History; Robert M. Slade
DOMAIN 5: CRYPTOGRAPHY
Cryptographic Concepts, Methodologies, and PracticesFormat Preserving Encryption; Ralph Spencer PooreElliptic Curve Cryptosystems; Jeff StapletonPirating the Ultimate Killer APP: Hacking Military Unmanned Aerial Vehicles; Sean P. Mcbride
DOMAIN 6: SECURITY ARCHITECTURE AND DESIGN
Principles of Computer and Network Organizations, Architectures, and DesignsService-Oriented Architecture; Walter B. WilliamsCloud Security; Terry KomperdaEnterprise Zones of Trust; Sandy Bacik
DOMAIN 7: OPERATIONS SECURITY: OPERATIONS CONTROLS
Complex Event Processing for Automated Security Event Analysis; Rob SheinRecords Management; Sandy Bacik
DOMAIN 8: BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING
Business Continuity PlanningData Backup Strategies: Traditional Versus Cloud: Carl B. Jackson
DOMAIN 9: LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATIONS
Major Categories of Computer CrimeManaging Advanced Persistent Threats; Eugene Schultz and Cuc Du
Incident HandlingVirtualization Forensics; Paul A. Henry
DOMAIN 10: PHYSICAL (ENVIRONMENTAL) SECURITY
Elements of Physical SecurityTerrorism: An Overview; Frank Bolz, Kenneth J. Dudonis, and David P. Schulz
Technical ControlsCountermeasure Goals and Strategies; Thomas L. NormanIndex
More details
Edition
6th edition
Language
English
Place of publication
Philadelphia, PA
United States
Publishing group
Taylor & Francis Inc
Target group
College/higher education
Information and communication technology management, staff and consultants; security management and staff; special libraries.
Edition type
Revised edition
Product notice
Reflowable
Illustrations
24 s/w Tabellen, 93 s/w Abbildungen
93 b/w images and 24 tables
File size
15,14 MB
ISBN-13
978-1-4665-5910-3 (9781466559103)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Harold F. Tipton | Micki Krause Nozaki
Information Security Management Handbook, Volume 6
Book
11/2016
6th Edition
CRC Press
€70.90
Shipment within 10-20 days
Harold F. Tipton | Micki Krause Nozaki
Information Security Management Handbook, Volume 6
Sixth Edition, Volume 6
Book
03/2012
6th Edition
Taylor & Francis
€205.30
Shipment within 15-20 days
Persons
About the Editors:
Sadly, Harold F. Tipton passed away on Friday, March 16, 2012. We're grateful for his many years of friendship and guidance. Hal was instrumental in the creation and development of the information security publishing program at CRC Press.
Hal was an independent consultant and past president of the International Information System Security Certification Consortium (ISC)2. He was the director of Computer Security for Rockwell International Corporation for 15 years. He initiated the Rockwell computer and data security program in 1977 and then continued to administer, develop, enhance, and expand the program to accommodate the control needs produced by technological advances until his retirement from Rockwell in 1994. He was a member of the Information Systems Security Association (ISSA) since 1982, president of the Los Angeles Chapter in 1984, and president of the national organization of ISSA from 1987 to 1989. He was added to the ISSA Hall of Fame and the ISSA Honor Roll in 2000. He received the Computer Security Institute "Lifetime Achievement Award" in 1994 and the (ISC)2 "Hal Tipton Award" in 2001. He was a member of the National Institute for Standards and Technology (NIST) Computer and Telecommunications Security Council and the National Research Council Secure Systems Study Committee (for the National Academy of Science). He received a bachelor of science degree in engineering from the U.S. Naval Academy, a master's degree in personnel administration from George Washington University, and a certificate in computer science from the University of California, Irvine. He published several papers on information security issues in the Information Security Management Handbook, Data Security Management, Information Systems Security, and the National Academy of Sciences report Computers at Risk.
He was a frequent speaker at all major information se
Sadly, Harold F. Tipton passed away on Friday, March 16, 2012. We're grateful for his many years of friendship and guidance. Hal was instrumental in the creation and development of the information security publishing program at CRC Press.
Hal was an independent consultant and past president of the International Information System Security Certification Consortium (ISC)2. He was the director of Computer Security for Rockwell International Corporation for 15 years. He initiated the Rockwell computer and data security program in 1977 and then continued to administer, develop, enhance, and expand the program to accommodate the control needs produced by technological advances until his retirement from Rockwell in 1994. He was a member of the Information Systems Security Association (ISSA) since 1982, president of the Los Angeles Chapter in 1984, and president of the national organization of ISSA from 1987 to 1989. He was added to the ISSA Hall of Fame and the ISSA Honor Roll in 2000. He received the Computer Security Institute "Lifetime Achievement Award" in 1994 and the (ISC)2 "Hal Tipton Award" in 2001. He was a member of the National Institute for Standards and Technology (NIST) Computer and Telecommunications Security Council and the National Research Council Secure Systems Study Committee (for the National Academy of Science). He received a bachelor of science degree in engineering from the U.S. Naval Academy, a master's degree in personnel administration from George Washington University, and a certificate in computer science from the University of California, Irvine. He published several papers on information security issues in the Information Security Management Handbook, Data Security Management, Information Systems Security, and the National Academy of Sciences report Computers at Risk.
He was a frequent speaker at all major information se
Content
Access Control. Telecommunications & Network Security. Information Security & Risk Management. Application Security. Cryptography. Security Architecture & Design. Operations Security. Business Continuity Planning & Disaster Recovery Planning. Legal, Regulations, Compliance & Investigation. Physical Security.
