An all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking.
Each threat is fully defined, likely vulnerabilities are identified, and detection and prevention strategies are considered. Wherever possible, real-world examples are used to illustrate the threats and tools for specific solutions.
* Provides IT Security Professionals with a first look at likely new threats to their enterprise
* Includes real-world examples of system intrusions and compromised data
* Provides techniques and strategies to detect, prevent, and recover
* Includes coverage of PCI, VoIP, XSS, Asterisk, Social Engineering, Botnets, and Convergence

Government and companies have already invested hundreds of millions of dollars in the convergence of physical and logical security solutions, but there are no books on the topic.
This book begins with an overall explanation of information security, physical security, and why approaching these two different types of security in one way (called convergence) is so critical in today s changing security landscape. It then details enterprise security management as it relates to incident detection and incident management. This is followed by detailed examples of implementation, taking the reader through cases addressing various physical security technologies such as: video surveillance, HVAC, RFID, access controls, biometrics, and more.
*This topic is picking up momentum every day with every new computer exploit, announcement of a malicious insider, or issues related to terrorists, organized crime, and nation-state threats
*The author has over a decade of real-world security and management expertise developed in some of the most sensitive and mission-critical environments in the world
*Enterprise Security Management (ESM) is deployed in tens of thousands of organizations worldwide"