Book description
There are lots of books that will tell you what to do to prevent an information security breach. This book is different. It tells you what you have to do if a security breach occurs.
Table of contents
- Copyright
- Foreword
- Preface
- About the Author
- Acknowledgements
- Introduction
- 1. What Constitutes a Breach?
- 2. Treatment Using ISO27001
  - Assess the damage
  - Past or future?
  - Initiate an investigation, secure all evidence
  - Evaluate evidence
  - Draft the report
  - Final decision
  - Follow up with tenacity
  - Review
- How ISO27001 supports the treatment of breaches
  - A.6.1.6 – Contact with authorities
  - A.8.2.2 – Information security awareness, education and training
  - A.8.2.3 – Disciplinary process
  - A.8.3.2 – Return of assets
  - A.8.3.3 – Removal of access rights
  - A.10.4.1 – Controls against malicious code
  - A.10.10.1 – Audit logging
  - A.10.10.3 – Protection of log information
  - A.12.5.4 – Information leakage
  - A.13.1.1 – Reporting information security events
  - A.13.1.2 – Reporting security weaknesses
  - A.13.2.1 – Responsibilities and procedures
  - A.13.2.2 – Learning from information security incidents
  - A.13.2.3 – Collection of evidence
  - 4.2.1. c–f – Defining the risk assessment approach of the organisation
- 3. Case Studies
- ITG Resources
Product information
- Title: Information Security Breaches: Avoidance and Treatment based on ISO27001
- Author(s):
- Release date: December 2009
- Publisher(s): IT Governance Publishing
- ISBN: 9781849280273