In reading the table of contents of the just-released Information Security Management Handbook – 2012, there is some sadness in seeing the names of colleagues who are no longer living, namely Hal Tipton and Gene Schultz.

Hal actually reached out to me in late 2011 to see if I wanted to contribute any new articles to this volume, but I did not have the time. It turns out the volume has 8 articles of mine from previous versions. Full disclosure: aside from a free copy of the CD-ROM, neither I nor any of the authors profit financially from its sales.

With that, at over 6,900 pages, the current edition is a compendium of all previous editions.  If you thought Shon Harris’s CISSP study guide was comprehensive, this is encyclopedic.

Note that the 2012 edition is on CD-ROM and not hard copy.  It has 31 new entries for 2012, and with every article from the first edition of 1997, the handbook is comprehensive, but not every article is state of the art.

While the book is organized under the CISSP CBK domains, it should not readily be used as a primary reference for those studying for the CISSP exam, given its unmanageable length.

With articles from luminaries such as Ray Kaplan, Paul Henry, Dan Houser, Ed Skoudis, Rebecca Herold, Mano Paul, Anton Chuvakin and many more, the Information Security Management Handbook – 2012 is one of the most complete information security references available.