CHAPTER 4: GENERAL AVOIDANCE AND MITIGATION STRATEGIES
Introduction – general aspects, avoidance and related ISO27001 controls
As already mentioned, this book deals only with severe incidents, referred to as ‘breaches’ and with breaches in the strict sense of the word, meaning that damage to confidentiality, availability or integrity of information has actually occurred, or is bound to occur, if mitigation of a risk does not set in immediately. In the case studies, we will mainly describe severe breaches of confidentiality (most common), followed by availability problems of such magnitude that one could call these breaches, and then just a few integrity breaches. Breaches of integrity are not so common when sticking close to our definition, as ...
Get Managing Information Security: Studies from real life now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.