Book description
A comprehensive guide to managing an information security incident
Even when organisations take precautions, they may still be at risk of a data breach. Information security incidents do not just affect small businesses: major companies and government departments suffer from them as well. Completely up to date with ISO/IEC 27001:2013, Managing Information Security Breaches sets out a strategic framework for handling this kind of emergency.
The book provides a general discussion and education about information security breaches, how they can be treated and what ISO 27001 can offer in that regard, spiced with a number of real-life stories of information security incidents and breaches. These case studies enable an in-depth analysis of the situations companies face in real life, and contain valuable lessons that your organisation can learn from when putting appropriate measures in place to prevent a breach.
Understand what your top information security priorities should be
The author explains what your top priorities should be the moment you realise a breach has occurred, making this book essential reading for IT security managers, chief security officers, chief information officers and chief executive officers. It will also be of use to personnel in non-IT roles, in an effort to make this unwieldy subject more comprehensible to those who, in a worst-case scenario, will be on the receiving end of requests for six- or seven-figure excess budgets to cope with severe incidents.
About the author
Michael Krausz studied physics, computer science and law at the Vienna University of Technology, Vienna University and Webster University. Over the last 20 years he has become an accomplished professional investigator, IT expert and ISO 27001 auditor, investigating over a hundred cases of information security breaches. He has delivered over 5,000 hours of professional and academic training, and has provided consulting or investigation services in 21 countries.
Buy this book today and better understand how to manage information security breaches in your organisation.
Table of contents
- Cover
- Title
- Copyright
- Foreword
- Preface
- About the Author
- Acknowledgements
- Contents
- Introduction
- Part 1 – General
-
Part 2 – Case studies
- Chapter 5: Notes from the Field
- Chapter 6: Motives and Reasons
- Chapter 7: Case Studies from Small Companies
- Chapter 8: Case Studies from Medium-sized Companies
-
Chapter 9: Case Studies from Large Corporations
- Who wants my data? – a case of data theft
- Who wants my data? – a more complicated case
- Hard disk for sale – beware of your contractors
- Unauthorised domain links – it is easy to harm a company’s reputation
- The trusted guard who was not
- Insider badmouthing
- The software vulnerability that was not – a case of blackmail
- Part 3 – A Sample Treatment Process
- Abbreviations and Acronyms
- ITG Resources
Product information
- Title: Managing Information Security: Studies from real life
- Author(s):
- Release date: January 2015
- Publisher(s): IT Governance Publishing
- ISBN: 9781849285964
You might also like
book
Managing Information Security Breaches: Studies from Real Life
Even when organisations take precautions, they may still be at risk of a data breach. Information …
book
Information Security Risk Management for ISO27001/ISO27002
Plan and carry out a risk assessment to protect your business information. In the knowledge economy, …
book
Information Security Management Principles - Second edition
Commercial, personal and sensitive information is very hard to keep secure, and technological solutions are not …
book
Information Risk Management: A practitioner’s guide
Increasingly, organisations rely on information for their day-to-day operations, and the loss or unavailability of information …