Even when organisations take precautions, they may still be at risk of a data breach. Information security incidents do not just affect small businesses: major companies and government departments suffer from them as well. Completely up to date with ISO/IEC 27001:2013, Managing Information Security Breaches sets out a strategic framework for handling this kind of emergency.
The book provides a general discussion and education about information security breaches, how they can be treated and what ISO 27001 can offer in that regard, spiced with a number of real-life stories of information security incidents and breaches. The case studies enable an in-depth analysis of the situations companies face in real life, and contain valuable lessons that your organisation can learn from when putting appropriate measures in place to prevent a breach.
The author explains what your top priorities should be the moment you realise a breach has occurred, making this book essential reading for IT security managers, chief security officers, chief information officers and chief executive officers. It is also intended for personnel in non-IT roles, making this unwieldy subject more comprehensible to those who, in a worst-case scenario, will be on the receiving end of requests for six- or seven-figure excess budgets to cope with severe incidents.
Get your copy of this comprehensive guide to managing an information security incident.
1: Why Risk does Not Depend on Company Size
2: Getting your Risk Profile Right
3: What is a Breach?
4: General Avoidance and Mitigation Strategies
5: Notes from the Field
6: Motives and Reasons
7: Case Studies from Small Companies
8: Case Studies from Medium-sized Companies
9: Case Studies from Large Corporations
10: A Sample Treatment Process