Data Breaches: Crisis and Opportunity

Book description

Protect Your Organization Against Massive Data Breaches and Their Consequences

Data breaches can be catastrophic, but they remain mysterious because victims don't want to talk about them. In Data Breaches, world-renowned cybersecurity expert Sherri Davidoff shines a light on these events, offering practical guidance for reducing risk and mitigating consequences. Reflecting extensive personal experience and lessons from the world's most damaging breaches, Davidoff identifies proven tactics for reducing damage caused by breaches and avoiding common mistakes that cause them to spiral out of control.

You'll learn how to manage data breaches as the true crises they are; minimize reputational damage and legal exposure; address unique challenges associated with health and payment card data; respond to hacktivism, ransomware, and cyber extortion; and prepare for the emerging battlefront of cloud-based breaches.

  • Understand what you need to know about data breaches, the dark web, and markets for stolen data
  • Limit damage by going beyond conventional incident response
  • Navigate high-risk payment card breaches in the context of PCI DSS
  • Assess and mitigate data breach risks associated with vendors and third-party suppliers
  • Manage compliance requirements associated with healthcare and HIPAA
  • Quickly respond to ransomware and data exposure cases
  • Make better decisions about cyber insurance and maximize the value of your policy
  • Reduce cloud risks and properly prepare for cloud-based data breaches

Data Breaches is indispensable for everyone involved in breach avoidance or response: executives, managers, IT staff, consultants, investigators, students, and more. Read it before a breach happens!

Register your book for convenient access to downloads, updates, and/or corrections as they become available. See inside book for details.

Table of contents

  1. Cover Page
  2. About This eBook
  3. Half-Title Page
  4. Title Page
  5. Copyright Page
  6. Dedication Page
  7. Contents
  8. Preface
    1. Who Should Read This Book?
    2. How This Book Is Organized
    3. Stay Up-to-Date
  9. Acknowledgments
  10. About the Author
  11. Chapter 1. Dark Matters
    1. 1.1 Dark Breaches
    2. 1.2 Skewed Statistics
    3. 1.3 Why Report?
    4. 1.4 What’s Left Unsaid
  12. Chapter 2. Hazardous Material
    1. The Theft
    2. Triage
    3. Involving Law Enforcement
    4. The First Customer Breach Notification
    5. Downplaying Risk
    6. Media Manipulation
    7. Skeletons in the Closet
    8. What We Can Learn
    9. 2.1 Data Is the New Oil
    10. 2.2 The Five Data Breach Risk Factors
    11. 2.3 The Demand for Data
    12. 2.4 Anonymization and Renonymization
    13. 2.5 Follow the Data
    14. 2.6 Reducing Risk
    15. 2.7 Conclusion
  13. Chapter 3. Crisis Management
    1. 3.1 Crisis and Opportunity
    2. 3.2 Crisis Communications, or Communications Crisis?
    3. 3.3 Equifax
    4. 3.4 Conclusion
  14. Chapter 4. Managing DRAMA
    1. 4.1 The Birth of Data Breaches
    2. 4.2 A Smoldering Crisis
    3. 4.3 Prodromal Phase
    4. 4.4 Acute Phase
    5. 4.5 Reducing Harm
    6. 4.6 Chronic Phase
    7. 4.7 Resolution Phase
    8. 4.8 Before a Breach
    9. 4.9 Conclusion
  15. Chapter 5. Stolen Data
    1. 5.1 Leveraging Breached Data
    2. 5.2 Fraud
    3. 5.3 Sale
    4. 5.4 The Goods
    5. 5.5 Conclusion
  16. Chapter 6. Payment Card Breaches
    1. 6.1 The Greatest Payment Card Scam of All
    2. 6.2 Impact of a Breach
    3. 6.3 Placing Blame
    4. 6.4 Self-Regulation
    5. 6.5 TJX Breach
    6. 6.6 The Heartland Breach
    7. 6.7 PCI and Data Breach Investigations
    8. 6.8 Conclusion
  17. Chapter 7. Retailgeddon
    1. 7.1 Accident Analysis
    2. 7.2 An Ounce of Prevention
    3. 7.3 Target’s Response
    4. 7.4 Ripple Effects
    5. 7.5 Chip and Scam
    6. 7.6 Legislation and Standards
    7. 7.7 Conclusion
  18. Chapter 8. Supply Chain Risks
    1. 8.1 Service Provider Access
    2. 8.2 Technology Supply Chain Risks
    3. 8.3 Cyber Arsenals
    4. 8.4 Conclusion
  19. Chapter 9. Health Data Breaches
    1. 9.1 The Public vs. the Patient
    2. 9.2 Bulls-Eye on Healthcare
    3. 9.3 HIPAA: Momentous and Flawed
    4. 9.4 Escape from HIPAA
    5. 9.5 Health Breach Epidemic
    6. 9.6 After a Breach
    7. 9.7 Conclusion
  20. Chapter 10. Exposure and Weaponization
    1. 10.1 Exposure Breaches
    2. 10.2 Response
    3. 10.3 MegaLeaks
    4. 10.4 Conclusion
  21. Chapter 11. Extortion
    1. 11.1 Epidemic
    2. 11.2 Denial Extortion
    3. 11.3 Exposure Extortion
    4. 11.4 Faux Extortion
    5. 11.5 Conclusion
  22. Chapter 12. Cyber Insurance
    1. 12.1 Growth of Cyber Insurance
    2. 12.2 Industry Challenges
    3. 12.3 Types of Coverage
    4. 12.4 Commercial Off-the-Shelf Breach Response
    5. 12.5 How to Pick the Right Cyber Insurance
    6. 12.6 Leverage Your Cyber Insurance
    7. 12.7 Conclusion
  23. Chapter 13. Cloud Breaches
    1. 13.1 Risks of the Cloud
    2. 13.2 Visibility
    3. 13.3 Intercepted
    4. 13.4 Conclusion
  24. Afterword
  25. Index

Product information

  • Title: Data Breaches: Crisis and Opportunity
  • Author(s): Sherri Davidoff
  • Release date: October 2019
  • Publisher(s): Addison-Wesley Professional
  • ISBN: 9780134507750