Information Security Management Handbook | Fifth Edition



The research on risks, threats and exposures continues to demonstrate the need for taking an assertive approach to information risk management. According to published sources:

• From 1989 to early 2003, the number of security incidents increased from 130 to over 42,000
• From 2000 to early 2003, the number of security vulnerabilities reported totals over 900, which is over twice the sum of vulnerabilities reported for the five previous years
• Since 1995, the annual increase in risk from internet hacking is up 60% per year (U.S.)
• Since 1995, the annual increase in risk from viruses and worms is up over 100% per year (U.S.)

Of course, precursors for taking an assertive approach to information risk management are possession of the requisite knowledge and skills as well as the ability to practically apply that knowledge. The mission of the Information Security Management Handbook (ISMH) is to arm the reader so that you are prepared to do battle in this challenging environment. The ISMH is designed to cover in detail the ten domains of the Information Security Common Body of Knowledge and offer pragmatic counsel on implementation of technologies, processes, and procedures. It is designed to empower the security professional, the information technology professional, and the chief information officer with information such that they can do their duty: protect the information assets of their organizations.

Volume 5 is a blend of some of the most current articles from the previous edition along with new articles that may not have been covered previously. It also includes articles on tried and true topics such as policies, firewalls, and Internet security, but with a differing focus or distinction based on the various authors’ experiences. As always, this edition is a comprehensive tome that offers vast amounts of information protection and security advice, from policy development to cryptographic fundamentals and everything between. Whether the reader is an experienced and certified professional (CISSP), an IT executive, or a novice firewall administrator, there is something worthwhile for all.

Go To Base64 & Decode:


Happy learning!


Lovely!! Thank you :slight_smile:
