CHAPTER 3: CASE STUDIES

This chapter is intended for the curious reader who would like to know about other companies’ experiences with a serious incident, and the outcomes. Although ISO27001 stipulates that, to enable learning, companies should share information on such experiences, it is actually difficult for them to do so. Nobody likes to admit that they have had a serious problem. This is understandable as, nowadays, it is highly likely that customers, members of the public or even government officials will try to gain some windfall profit from such an incident through lawsuits, bad press or other action. In addition, of course, if the company affected is publicly traded, the stock market may react quite severely to news of a serious breach. ...

Get Information Security Breaches: Avoidance and Treatment Based on ISO27001, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.