Book description
There are lots of books that will tell you what to do to prevent an information security breach. This book is different. It tells you what you have to do if a security breach occurs.
Table of contents
- Copyright
- Foreword
- Preface
- About the Author
- Acknowledgements
- Introduction
- 1. What Constitutes a Breach?
- 2. Treatment Using ISO27001
  - Assess the damage
  - Past or future?
  - Initiate an investigation, secure all evidence
  - Evaluate evidence
  - Draft the report
  - Final decision
  - Follow up with tenacity
  - Review
- How ISO27001 supports the treatment of breaches
  - A.6.1.6 – Contact with authorities
  - A.8.2.2 – Information security awareness, education and training
  - A.8.2.3 – Disciplinary process
  - A.8.3.2 – Return of assets
  - A.8.3.3 – Removal of access rights
  - A.10.4.1 – Controls against malicious code
  - A.10.10.1 – Audit logging
  - A.10.10.3 – Protection of log information
  - A.12.5.4 – Information leakage
  - A.13.1.1 – Reporting information security events
  - A.13.1.2 – Reporting security weaknesses
  - A.13.2.1 – Responsibilities and procedures
  - A.13.2.2 – Learning from information security incidents
  - A.13.2.3 – Collection of evidence
  - 4.2.1. c–f – Defining the risk assessment approach of the organisation
- 3. Case Studies
- ITG Resources
Product information
- Title: Information Security Breaches: Avoidance and Treatment based on ISO27001
- Author(s):
- Release date: December 2009
- Publisher(s): IT Governance Publishing
- ISBN: 9781849280273