
Cyber breach response that actually works : organizational approach to managing residual risk /

You will be breached; the only question is whether you'll be ready. A cyber breach could cost your organization millions of dollars: in 2019, the average cost of a cyber breach for companies was $3.9M, a figure that is increasing 20-30% annually. But effective pla...


Bibliographic Details
Classification: Electronic Book
Main Author: Gorecki, Andrew
Format: Electronic eBook
Language: English
Published: Indianapolis : Wiley, 2020.
Subjects:
Online Access: Full text
Table of Contents:
  • Cover
  • Title Page
  • Copyright Page
  • About the Author
  • About the Technical Editors
  • Acknowledgments
  • Contents at a Glance
  • Contents
  • Foreword
  • Introduction
  • Who Should Read This Book
  • How This Book Is Organized
  • How to Contact Wiley or the Author
  • Notes
  • Chapter 1 Understanding the Bigger Picture
  • Evolving Threat Landscape
  • Identifying Threat Actors
  • Cyberattack Lifecycle
  • Defining Cyber Breach Response
  • Events, Alerts, Observations, Incidents, and Breaches
  • What Is Cyber Breach Response?
  • Identifying Drivers for Cyber Breach Response
  • Risk Management
  • Cyber Threat Intelligence
  • Laws and Regulations
  • Changing Business Objectives
  • Incorporating Cyber Breach Response into a Cybersecurity Program
  • Strategic Planning
  • Designing a Program
  • Implementing Program Components
  • Program Operations
  • Continual Improvement
  • Strategy Development
  • Strategic Assessment
  • Strategy Definition
  • Strategy Execution
  • Roadmap Development
  • Governance
  • Establishing Policies
  • Identifying Key Stakeholders
  • Business Alignment
  • Continual Improvement
  • Summary
  • Notes
  • Chapter 2 Building a Cybersecurity Incident Response Team
  • Defining a CSIRT
  • CSIRT History
  • Defining Incident Response Competencies and Functions
  • Proactive Functions
  • Reactive Functions
  • Creating an Incident Response Team
  • Creating an Incident Response Mission Statement
  • Choosing a Team Model
  • Organizing an Incident Response Team
  • Hiring and Training Personnel
  • Establishing Authority
  • Introducing an Incident Response Team to the Enterprise
  • Enacting a CSIRT
  • Defining a Coordination Model
  • Communication Flow
  • Assigning Roles and Responsibilities
  • Business Functions
  • Legal and Compliance
  • Information Technology Functions
  • Senior Management
  • Working with Outsourcing Partners
  • Outsourcing Considerations
  • Establishing Successful Relationships with Vendors
  • Summary
  • Notes
  • Chapter 3 Technology Considerations in Cyber Breach Investigations
  • Sourcing Technology
  • Comparing Commercial vs. Open Source Tools
  • Developing In-House Software Tools
  • Procuring Hardware
  • Acquiring Forensic Data
  • Forensic Acquisition
  • Live Response
  • Incident Response Investigations in Virtualized Environments
  • Traditional Virtualization
  • Cloud Computing
  • Leveraging Network Data in Investigations
  • Identifying Forensic Evidence in Enterprise Technology Services
  • Domain Name System
  • Dynamic Host Configuration Protocol
  • Web Servers
  • Databases
  • Security Tools
  • Log Management
  • What Is Logging?
  • What Is Log Management?
  • Log Management Lifecycle
  • Collection and Storage
  • Managing Logs with a SIEM
  • Summary
  • Notes
  • Chapter 4 Crafting an Incident Response Plan
  • Incident Response Lifecycle
  • Preparing for an Incident
  • Detecting and Analyzing Incidents
  • Containment, Eradication, and Recovery
  • Post-Incident Activities