|
|
|
|
LEADER |
00000cam a2200000 i 4500 |
001 |
JSTOR_ocn905916579 |
003 |
OCoLC |
005 |
20231005004200.0 |
006 |
m o d |
007 |
cr cn||||||||| |
008 |
150309t20142014enka ob 000 0 eng d |
040 |
|
|
|a E7B
|b eng
|e rda
|e pn
|c E7B
|d OCLCO
|d JSTOR
|d OCLCF
|d EBLCP
|d OCLCQ
|d STF
|d DEBSZ
|d COO
|d N$T
|d YDXCP
|d ICA
|d IDB
|d OCLCQ
|d AGLDB
|d LIV
|d MERUC
|d OCLCQ
|d IOG
|d OCLCA
|d VTS
|d OCLCQ
|d ITD
|d LVT
|d OCLCQ
|d BRF
|d OCLCO
|d OCLCQ
|
019 |
|
|
|a 923646204
|a 948892995
|a 961627743
|
020 |
|
|
|a 9781849285964
|q (electronic bk.)
|
020 |
|
|
|a 1849285969
|q (electronic bk.)
|
020 |
|
|
|z 1849285950
|
020 |
|
|
|z 9781849285957
|
020 |
|
|
|z 1849280959
|
020 |
|
|
|z 9781849280952
|
029 |
1 |
|
|a AU@
|b 000054991728
|
029 |
1 |
|
|a CHNEW
|b 000705528
|
029 |
1 |
|
|a CHNEW
|b 000891689
|
029 |
1 |
|
|a CHVBK
|b 334948037
|
029 |
1 |
|
|a DEBBG
|b BV042622535
|
029 |
1 |
|
|a DEBBG
|b BV043958793
|
029 |
1 |
|
|a DEBSZ
|b 449530868
|
029 |
1 |
|
|a DEBSZ
|b 481289925
|
035 |
|
|
|a (OCoLC)905916579
|z (OCoLC)923646204
|z (OCoLC)948892995
|z (OCoLC)961627743
|
037 |
|
|
|a 22573/ctt14s2vgh
|b JSTOR
|
050 |
|
4 |
|a QA76.9.A25
|b .K738 2014eb
|
072 |
|
7 |
|a COM000000
|2 bisacsh
|
072 |
|
7 |
|a COM053000
|2 bisacsh
|
082 |
0 |
4 |
|a 005.8
|2 23
|
049 |
|
|
|a UAMI
|
100 |
1 |
|
|a Krausz, Michael,
|e author.
|
245 |
1 |
0 |
|a Managing information security breaches :
|b studies from real life /
|c Michael Krausz.
|
250 |
|
|
|a Second edition.
|
264 |
|
1 |
|a Cambridgeshire, England :
|b IT Governance Publishing,
|c 2014.
|
264 |
|
4 |
|c ©2014
|
300 |
|
|
|a 1 online resource (199 pages) :
|b color illustrations, tables
|
336 |
|
|
|a text
|b txt
|2 rdacontent
|
337 |
|
|
|a computer
|b c
|2 rdamedia
|
338 |
|
|
|a online resource
|b cr
|2 rdacarrier
|
588 |
0 |
|
|a Online resource; title from PDF title page (ebrary, viewed March 9, 2015).
|
505 |
0 |
|
|a Foreword -- Preface -- About the Author -- Acknowledgements -- Contents -- Introduction -- Part 1 – General -- Chapter 1: Why Risk does Not Depend on Company Size -- Risk effect -- Propagation of damage (downstream effects) -- Culture -- Information security staff -- Cash reserves / cash at hand -- Ability to improvise / make quick decisions -- Preparedness -- Contacts with authority -- Chapter 2: Getting your Risk Profile Right -- Intuitive risk analysis -- Formal risk analysis -- Step 1 – Identifying threats
|
505 |
8 |
|
|a Step 2 – Assigning damage and likelihood -- Step 3 – Defining acceptable loss -- Step 4 – Defining mitigation priorities (business priorities) -- Residual risks -- Chapter 3: What is a Breach? -- Confidentiality breach -- Availability breach -- Integrity breach -- Impact -- Source -- External vs. internal -- Unintentional vs. intentional -- Manual vs. automatic -- Human vs. nature -- General treatment options -- Chapter 4: General Avoidance and Mitigation Strategies -- Introduction – general aspects, avoidance and related ISO27001 controls -- People
|
505 |
8 |
|
|a A.7.1.1 – Screening -- Methods of screening -- A.7.1.2 – Terms and conditions of employment -- A.7.2.1 – Management responsibilities -- A.7.2.2 – Information security awareness, education and training -- A.7.2.3 – Disciplinary process -- A.7.3.1 – Termination or change of employment -- A.8.1.4 – Return of assets -- A.9.2.6 – Removal or adjustment of access rights -- Processes -- Technology -- ISO27001 Controls helpful for treatment of breaches -- A.6.1.3 – Contact with authorities
|
505 |
8 |
|
|a A.7.2.2 – Information security awareness, education and training -- A.7.2.3 – Disciplinary process -- A.8.1.4 – Return of assets -- A.9.2.6 – Removal or adjustment of access rights -- A.12.2.1 – Controls against malware -- A.12.4.1 – Event logging and -- A.12.4.2 – Protection of log information -- A.16.1.1 – Responsibilities and procedures -- A.16.1.2 – Reporting information security events -- A.16.1.3 – Reporting security weaknesses -- A.16.1.4 – Assessment of and decision on information security events
|
505 |
8 |
|
|a A.16.1.5 – Response to information security incidents -- A.16.1.6 – Learning from information security incidents -- A.16.1.7 – Collection of evidence -- Strategies and tactics for treating breaches -- Tactical advice -- Regular meetings -- Time, time, time -- Rest -- People (number) -- International contacts -- Keep the information flowing -- Keep minutes -- Additional quality feedback -- Dimensions of treatment / mitigation of information security breaches -- None -- Internal investigation -- External investigation -- Joint task force
|
520 |
|
|
|a "This book provides a general discussion and education about information security breaches, how they can be treated and what ISO27001 can offer in that regard, spiced with a number of real-life stories of information security incidents and breaches. These case studies enable an in-depth analysis of the situations companies face in real life, and contain valuable lessons an organisation can learn from when putting appropriate measures in place to prevent a breach. The author explains what your top priorities should be the moment you realise a breach has occurred, making this book essential reading for IT security managers, chief security officers, chief information officers and chief executive officers. It will be of use to personnel in non-IT roles, in an effort to make this subject more comprehensible to those who, in a worst-case scenario, will be on the receiving end of requests for six- or seven-figure excess budgets to cope with severe incidents."--
|c Edited summary from book
|
504 |
|
|
|a Includes bibliographical references.
|
590 |
|
|
|a JSTOR
|b Books at JSTOR Demand Driven Acquisitions (DDA)
|
590 |
|
|
|a JSTOR
|b Books at JSTOR Evidence Based Acquisitions
|
590 |
|
|
|a JSTOR
|b Books at JSTOR All Purchased
|
650 |
|
0 |
|a Computer security.
|
650 |
|
0 |
|a Computer crimes.
|
650 |
|
0 |
|a Electronic information resources
|x Access control.
|
650 |
|
2 |
|a Computer Security
|
650 |
|
6 |
|a Sécurité informatique.
|
650 |
|
6 |
|a Criminalité informatique.
|
650 |
|
6 |
|a Sources d'information électroniques
|x Accès
|x Contrôle.
|
650 |
|
7 |
|a COMPUTERS
|x General.
|2 bisacsh
|
650 |
|
7 |
|a Computer crimes.
|2 fast
|0 (OCoLC)fst00872063
|
650 |
|
7 |
|a Computer security.
|2 fast
|0 (OCoLC)fst00872484
|
650 |
|
7 |
|a Electronic information resources
|x Access control.
|2 fast
|0 (OCoLC)fst00907296
|
776 |
0 |
8 |
|i Print version:
|a Krausz, Michael.
|t Managing information security breaches : studies from real life.
|b Second edition.
|d Cambridgeshire, England : IT Governance Publishing, ©2014
|h 199 pages
|z 9781849285957
|
856 |
4 |
0 |
|u https://jstor.uam.elogim.com/stable/10.2307/j.ctt14tqch6
|z Full text
|
936 |
|
|
|a BATCHLOAD
|
938 |
|
|
|a EBL - Ebook Library
|b EBLB
|n EBL3015817
|
938 |
|
|
|a ebrary
|b EBRY
|n ebr11022437
|
938 |
|
|
|a EBSCOhost
|b EBSC
|n 957892
|
938 |
|
|
|a YBP Library Services
|b YANK
|n 12302804
|
994 |
|
|
|a 92
|b IZTAP
|