You are previewing Information Security Breaches: Avoidance and Treatment Based on ISO27001, 2nd Edition.
O'Reilly logo
Information Security Breaches: Avoidance and Treatment Based on ISO27001, 2nd Edition

Book Description

What if you suffer an information security breach?

Many titles explain how to reduce the risk of information security breaches. Nevertheless breaches do occur, even to organisations that have taken all reasonable precautions. Information Security Breaches - Avoidance and treatment based on ISO27001:2013 helps you to manage this threat by detailing what to do as soon as you discover a breach.

Be prepared, be prompt, be decisive

When your organisation’s security is compromised, you cannot afford to waste time deciding how to resolve the issue. You must be ready to take prompt and decisive action. Updated to cover ISO27001:2013, this second edition gives you clear guidance on how to treat an information security breach and tells you the plans and procedures you have to put in place to minimise damage and return to business as usual.

A recovery plan will help you to:

  • recover, and resume normal operations, more quickly
  • preserve customer confidence by quickly resolving service disruption
  • secure evidence to help with any criminal investigation and improve your chances of catching those responsible.
  • Read this guide and find out how to manage in the face of a data breach.

    From reviews of the 1st edition:

    '...I recommend this pocket guide to anyone implementing ISO27001, and indeed to anyone who is concerned about the risks of security breaches, and who wants to know how best to prepare their organization for the unpleasant events that are bound to happen from time to time...'

    Willi Kraml, Global Information Security Officer

    '…Michael Krausz has created a valuable tool … Written in plain English, this handbook is easy to follow even by a novice in the Information Technology Field. Therefore "Information Security Breaches" is a must within the 'tool box' of anyone who deals with IT issues on an every-day basis...' 

    Werner Preining, Interpool Security Ltd

    About the author

    Michael Krausz is an IT expert and experienced professional investigator. He has investigated over a hundred cases of information security breaches. Many of these cases have concerned forms of white-collar crime. Michael Krausz studied physics, computer science and law at the University of Technology in Vienna, and at Vienna and Webster universities. He has delivered over 5000 hours of professional and academic training and has provided services in eleven countries to date.