Book description
Offering a structured approach to handling and recovering from a catastrophic data loss, this book will help both technical and non-technical professionals put effective processes in place to secure their business-critical information and provide a roadmap of the appropriate recovery and notification steps when calamity strikes.
- Addresses a very topical subject of great concern to security, general IT and business management
- Provides a step-by-step approach to managing the consequences of and recovering from the loss of sensitive data
- Gathers in a single place all information about this critical issue, including legal, public relations and regulatory issues
Table of contents
- Copyright
- Visit us at www.syngress.com
- Author
- 1. Introduction
- 2. Data Classification
- Introduction
- Security Objectives
- Potential Impact
- Classification Levels
- Data Ownership and Usage
- Data Sharing
- Metadata
- Classification Project
- The Data Life Cycle
- Summary
- 3. Controls and Safeguards
- Data Security Program
- Security Controls
- Technical Safeguards
- Access Control
- Activity Logging and Monitoring
- Software Assurance
- Change Management
- Backup and Restore
- Disaster Recovery/Business Continuity Planning
- Disposal
- Insiders
- Social Engineering
- Third-Party Vendors
- Training and Awareness
- Compensating Controls
- Auditing
- Testing
- Updating
- Summary
- 4. Data Security Policy
- Introduction
- Standards and Procedures
- Benefits
- Goals and Trade-Offs
- Policy Development Process
- Contents
- Related Policies
- Policy Implementation
- Update and Maintenance
- Compliance Audit
- Metrics
- Management and Board Approval
- Summary
- 5. Response Program
- Introduction
- Data Breach Response Team
- Developing the Response Plan
- Overview
- Development
- Approval
- Audience
- Contents
- Strategies and Goals
- Statement of Management Commitment
- Data Breach Response Team
- Contact Information
- List of Critical Assets
- Safeguards and Controls
- Incident Types
- Business Impact Analysis
- Reporting Mechanisms and Guidelines
- Information Disclosure
- Severity Classification
- Analysis and Assessment
- Containment
- Isolation
- Recovery
- Forensics
- Disclosure and Notification
- Communications
- Documentation
- Damage Assessment
- Lessons Learned
- Diagnosis Matrix
- Vendor Contacts
- Internal and External Resources
- Related Documents
- Future Roadmap
- Update
- Simulations and Walkthroughs
- Summary
- 6. Detection and Reporting
- 7. Evaluation and Response
- 8. Disclosure and Notification
- 9. Closure
- A. Relevant Legislation
- Introduction
- United States—Federal Legislation
- United States—State Legislation
- California
- Other States
- Arizona
- Arkansas
- Colorado
- Connecticut
- Delaware
- District of Columbia
- Florida
- Georgia
- Hawaii
- Idaho
- Illinois
- Indiana
- Kansas
- Louisiana
- Maine
- Maryland
- Massachusetts
- Michigan
- Minnesota
- Montana
- Nebraska
- Nevada
- New Hampshire
- New Jersey
- New York
- North Carolina
- North Dakota
- Ohio
- Oklahoma
- Oregon
- Pennsylvania
- Rhode Island
- Tennessee
- Texas
- Utah
- Vermont
- Washington
- Wisconsin
- Wyoming
- Canada
- European Union
Product information
- Title: Managing Catastrophic Loss of Sensitive Data
- Author(s):
- Release date: April 2011
- Publisher(s): Syngress
- ISBN: 9780080558714