Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 6 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations. Reporting on the latest developments in information security and recent changes to the (ISC)2 CISSP Common Body of Knowledge (CBK), this volume features new information on advanced persistent threats, HIPAA requirements, social networks, virtualization, and SOA. Its comprehensive coverage touches on all the key areas IT security professionals need to know, including:Access Control: Technologies and administration including the requirements of current lawsTelecommunications and Network Security: Addressing the Internet, intranet, and extranetInformation Security and Risk Management: Organizational culture, preparing for a security audit, and the risks of social mediaApplication Security: Ever-present malware threats and building security into the development processSecurity Architecture and Design: Principles of design including zones of trust Cryptography: Elliptic curve cryptosystems, format-preserving encryptionOperations Security: Event analysis Business Continuity and Disaster Recovery Planning: Business continuity in the cloudLegal, Regulations, Compliance, and Investigation: Persistent threats and incident response in the virtual realmPhysical Security: Essential aspects of physical securityThe ubiquitous nature of computers and networks will always provide the opportunity and means to do harm. This edition updates its popular predecessors with the information you need to address the vulnerabilities created by recent innovations such as cloud computing, mobile banking, digital wallets, and near-field communications. This handbook is also available on CD.