Information Security Incident and Data Breach Management: A Step-by-Step Approach
معرفی کتاب «Information Security Incident and Data Breach Management: A Step-by-Step Approach» نوشتهٔ John Kyriazoglou، منتشرشده توسط نشر Apress L. P. در سال 2024. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
In today's digital landscape, safeguarding sensitive information is paramount. This book offers a comprehensive roadmap for managing and mitigating the impact of security incidents and data breaches. This essential guide goes beyond the basics, providing expert insights and strategies to help organizations of all sizes navigate the complexities of cybersecurity. With seven in-depth chapters and 10 appendices, this book covers everything from defining information security incidents and data breaches to understanding key privacy regulations such as GDPR and LGPD. You'll learn a practical, step-by-step approach to incident response, including how to assess and improve your organization's security posture. The book contains a well-tested and practical information security incident and breach management approach to manage information security incidents and data privacy breaches in four phases: Security and Breach Obligations and Requirements Comprehension; Security and Privacy Framework Assurance; Security Incident and Data Breach Response Management; and Security and Breach Response Process Evaluation. Knowing how to handle such security and breach issues will avoid compliance and sanctions to organizations of all types and protect the company’s reputation and brand name. Table of Contents About the Author About the Technical Reviewer Acknowledgments Prologue: Information Security Incident and Data Breach Management Approach Chapter 1: Information Security and Breach Definitions and Obligations Definitions of Information Security and Breach-Related Terms Definitions of Information Security and Threat Actors Information Security Threat Actors Definitions of Various Critical Information Security Terms Advanced Persistent Threat Malware Phishing Denial-of-Service Attack Ransomware Unauthorized Access Attempted Access Definition of an Information Security Incident Definitions of Controllers and Processors Controller Processor Definition of Personal Data and Data Subjects Personal Data Data Subject Definition of Data Breaches Security Obligations Data Breach Notification Obligations Recommended Actions Conclusion Chapter 2: Summarizing ISO 27K and Major Privacy Regulations ISO 27001 Summary New Version of ISO 27001 GDPR Summary GDPR Highlights 1. Personal Data Definitions 2. Data Protection Principles 3. PD Collection, Consent, and Legal Basis 4. Informing Data Subjects 5. Satisfying the Rights of Data Subjects 6. Data Protection Officer (DPO) 7. Controllers and Processors 8. Mandatory Breach Notification LGPD Highlights Data Protection Principles Legal Basis for Processing of Personal Data Consent Transparency Data Security Measures and Breach Notification Recommended Actions Conclusion Chapter 3: Information Security and Data Breach Response Framework Introduction Steps to Establish Security Incident and Data Breach Response Framework Step 1: Define Security Roles and Responsibilities Example 1: Board Security Responsibilities (BSR) Example 2: Senior Management Security Responsibilities (MSR) Example 3: Information Security Manager-Job Description Security Management Security Training and Awareness Performance Management Monitoring Step 2: Ensure Effective Implementation of IT Policies Step 3: Train Employees on Information Security Step 4: Prepare for Data Breach Management Action 4.1: Establish Your Personal Data Breach Response Group Action 4.2: Review Standards and Regulations Step 5: Train Employees on Data Privacy Action 5.1: Train Employees on Data Privacy Action 5.2: Ensure Employees Know Who to Contact Step 6: Understand Data Flows Step 7: Review Measures, Technology, and Third Parties Action 7.1: Evaluate Security Measures Action 7.2: Review the Technology Used Action 7.3: Review Processing of Data by Third Parties Conclusion Chapter 4: Managing Information Security Incidents Information Security Incident Management Approach Stage 1: Discovery and Analysis Step 1: Discover Security Incidents Step 2: Communicate Security Incidents Step 3: Analyze and Evaluate Security Incidents Step 4: Determine Response Strategy to Security Incidents Stage 2: Remediation Step 5: Contain Damage due to Security Incidents Step 6: Prevent Reinfection Step 7: Restore Affected Systems Stage 3: Documentation Step 8: Document the Incident Step 9: Report the Incident Step 10: Preserve Evidence Conclusion Chapter 5: Investigating Cybercrimes Introduction Cybercrime Investigation Steps Step 1: Conduct Initial Assessment Step 2: Confirm Investigator Readiness and Tools Step 3: Ensure Evidence Collection Step 4: Conduct Incident Analysis Step 5: Craft and Issue Report Step 6: Review Findings and Issues Step 7: Improve Methodology Conclusion Chapter 6: Managing Data Breaches Introduction Security Obligations Notification Obligations Data Breach Management Procedure Step 1: Ensure Data Breach Management Readiness Step 2: Identify Data Breaches Action 2.1: Ensure All Staff Know When an Incident Is a Personal Data Breach Action 2.2: Report Data Breaches Step 3: Investigate Data Breaches Action 3.1: Investigate the Source of the Breach Action 3.2: Determine the Number of People Affected Action 3.3: Research What Type of Data Are Involved Action 3.4: Review Protection Techniques of Breached Data Action 3.5: Review Mitigation Measures Action 3.6: Investigate Parties Involved Step 4: Respond to Data Breaches Action 4.1: Contain the Breach Action 4.2: Restore Systems Action 4.3: Assess Potential Harm Step 5: Preserve Evidence Step 6: Notify Authorities and Individuals Action 6.1: Investigate the Notification Obligation to the Supervisory Authority Action 6.2: Investigate Your Duty to Notify Individuals Step 7: Maintain Data Breach Documentation Action 7.1: Create and Maintain a Personal Data Breach Register Action 7.2: Maintain Data Breach Documentation Securely Conclusion Chapter 7: Improving Security Incident and Data Breach Responses Summary Improvement Steps Step 1: Assess Information Governance Controls Framework1 Issue 1: Information Security Incident and Data Breach Policies Issue 2: Risk Management Issue 3: Human Resource Management Issue 4: Third-Party Relationships Issue 5: Information Security Incident and Data Breach Response Management Step 2: Assess Security Incident Cost Step 3: Review Information Incident Response Process and Measures Step 4: Assess Data Breach Management Process and Measures Step 5: Review Lessons Step 6: Improve Processes and Measures Conclusion Appendices Appendix A Threat Intelligence Policy Objective Applicability Threat Definition Threat Intelligence Layers Threat Intelligence Policy Guidelines (TIG) Violation of This Policy Appendix B IT Logging Policy Objective Applicability and Enforcement Responsibilities Principles (P) What (W) Is to Be Logged Contents of the Log Appendix C Minimum IT Security and Privacy Controls Minimum IT Security Controls Controls for Servers (SC) Controls for Applications (AC) Controls for End Point Devices (EC) Minimum Privacy Controls Appendix D Staff Education and Training Policy Overview Objective Applicability Policy Principles (PP) Duties and Responsibilities Chief Executive Officer (CEO) Human Resources Manager Data Protection Officer Directors Staff Trainers Identification and Recognition of Training Needs Training Planning Method of Providing Training Types of Education Group Training On the Job Training Participation in a Conference (Conference Attendance) Self-Administered Training Application and Compliance Framework Appendix E IT and Digital Skills Checklist Basic or Minimum Required Skills (BS) Intermediate or Second-Level Skills (IS) Advanced or Third-Level Skills (AS) Appendix F Glossary of IT Concepts and Terms Appendix G Privacy Awareness, Communication, and Training Plan Action #1: Carry Out Ongoing Data Privacy Training for the Privacy Office Action #2: Execute Basic Privacy Training for Staff Action #3: Execute Additional Privacy Training for New Needs Action #4: Include Data Privacy Training into Other Corporate Training Action #5: Maintain Data Privacy Awareness Action #6: Maintain Data Privacy Professional Certification for Privacy Personnel Action #7: Measure Data Privacy Awareness and Training Activities Appendix H Information Security Incident Reporting Policy Objective Applicability Definitions Examples of Information Security Incidents Policy Principles (PP) Violation of This Policy Appendix I Information Security Incident Reporting Form Appendix J Data Breach Reporting Form End Notes Additional Resources IT and Digital Age Management Books IT Controls – English IT Controls – Spanish IT Auditing Digital Age Management Data Protection and Privacy Books Data Protection and Privacy System – Five Volumes GDPR Gap Analysis – Three Parts (Three E-books) Data Protection (GDPR) Audit Guide – Five Parts (Five E-books) The GDPR Employees’ Guide – Six Parts (Six E-books) Specialized Privacy Books Privacy Books in Portuguese Business Management Books Corporate Performance SME – GDPR Books Managing SMEs SME Internal Controls Human Aspects of Management Controls Duty of Care Workplace Wellness Virtual Management and Remote Working Books Virtual Management Remote Working Personal Development Personal Development Ancient Greek Wisdom Books Management Tools ISO 27001: 2022 Compliance Support Tools Disclaimer Index df-0.jpg
دانلود کتاب Information Security Incident and Data Breach Management: A Step-by-Step Approach