Book description
Uncertainty and risk, meet planning and action.
Reinforce your organization’s security posture using the expert information contained in this tactical guide. The Computer Incident Response Planning Handbook: Executable Plans for Protecting Information at Risk shows you how to build and manage successful response plans for the cyber incidents that have become inevitable for organizations of any size. Find out why these plans work. Learn the step-by-step process for developing and managing plans built to address the wide range of issues organizations face in times of crisis.
- Contains the essentials for developing both data breach and malware outbreak response plans—and best practices for maintaining those plans
- Features ready-to-implement CIRPs—derived from living incident response plans that have survived the rigors of repeated execution and numerous audits
- Clearly explains how to minimize the risk of post-event litigation, brand impact, fines and penalties—and how to protect shareholder value
- Supports corporate compliance with industry standards and requirements, including PCI, HIPAA, SOX, and CA SB-24
Table of contents
- Cover
- About the Author
- Copyright
- Contents
- Acknowledgments
- Introduction
- Part I The Threat Landscape
-
Part II Planning for Crisis
- Chapter 3 Getting More Out of Your Plans
-
Chapter 4 Writing Your Computer Incident Response Plan
- What Problem Are You Solving?
- Don’t Bother if You Don’t Have an Executive Sponsor
- Using an Advisory Committee: My Plan vs. Our Plan
- Understanding Your Audiences
- Leveraging the Table of Contents
- Plan Introduction
- Incident Preparation
- Incident Detection, Analysis, and Declaration
- Incident Response
- Plan Maintenance/Post Incident
- Development of an Ad Hoc Organization to Respond to Crisis
-
Part III Plan Development: Data Breach
- Chapter 5 Your Data Breach CIRP: Incident Preparation
-
Chapter 6 Your Data Breach CIRP: Plan Execution
- Plan Execution
- Synchronization and Decision-Making
- Mandatory Reporting/Notification(s)
- Release of “Public-Facing Documents”
- Evidence Discovery and Retention
- Liaison with Local Law Enforcement
- Incident Containment, Eradication, and Recovery
- Eradication and Recovery
- Disaster Recovery/Business Continuity
- CIRP Roles and Responsibilities
- Chapter 7 Your Data Breach CIRP: Post Incident Planning and Maintenance
-
Part IV Plan Development: Malware
- Chapter 8 Your Malware Outbreak CIRP: Incident Preparation
- Chapter 9 Your Malware Outbreak CIRP: Plan Execution
- Chapter 10 Your Malware Outbreak CIRP: Post Incident Planning and Maintenance
-
Chapter 11 Closing Thoughts
- New Age for InfoSec Professionals
- Paradigm #1: The New Consciousness of the Zero-Day Attack
- Paradigm #2: The Need for Transparent Due Diligence
- Paradigm #3: Consequence-Based Information Security
- Paradigm #4: The Constant Challenge of Change
- Paradigm #5: While We’re All Focusing on the Silicon-Based Systems, the Bad Guys Are Targeting the Carbon-Based Ones
- Part V Appendixes
- Glossary
- Index
Product information
- Title: The Computer Incident Response Planning Handbook: Executable Plans for Protecting Information at Risk
- Author(s):
- Release date: August 2012
- Publisher(s): McGraw-Hill
- ISBN: 9780071790406
You might also like
book
Router Security Strategies: Securing IP Network Traffic Planes
Router Security Strategies: Securing IP Network Traffic Planes provides a compre-hensive approach to understand and implement …
article
Twenty Years of Open Innovation
Organizations that practice open innovation draw on external resources to develop new ideas for products and …
book
Cyber Breach Response That Actually Works
You will be breached—the only question is whether you'll be ready A cyber breach could cost …
book
How to Develop and Implement a Security Master Plan
Written for corporation security officers, this work is designed to help them garner executive support and …