
Managing Information Security Breaches: Studies from real life / Krausz, Michael.

Available online via:
EBSCOhost Academic eBook Collection (North America)
O'Reilly Online Learning: Academic/Public Library Edition
Format:
Book
Author/Creator:
Krausz, Michael, author.
Contributor:
IT Governance Publishing, Editor.
Language:
English
Subjects (All):
Computer security.
Computer crimes.
Electronic information resources--Access control.
Electronic information resources.
Computer networks--Security measures.
Computer networks.
Physical Description:
1 online resource (199 pages)
Edition:
2nd edition
Place of Publication:
IT Governance Publishing, 2015.
System Details:
Mode of access: World Wide Web.
text file
Summary:
A comprehensive guide to managing an information security incident

Even when organisations take precautions, they may still be at risk of a data breach. Information security incidents do not just affect small businesses: major companies and government departments suffer from them as well.

Completely up to date with ISO/IEC 27001:2013, Managing Information Security Breaches sets out a strategic framework for handling this kind of emergency. The book provides a general discussion of and education about information security breaches, how they can be treated and what ISO 27001 can offer in that regard, spiced with a number of real-life stories of information security incidents and breaches. These case studies enable an in-depth analysis of the situations companies face in real life, and contain valuable lessons that your organisation can learn from when putting appropriate measures in place to prevent a breach.

Understand what your top information security priorities should be

The author explains what your top priorities should be the moment you realise a breach has occurred, making this book essential reading for IT security managers, chief security officers, chief information officers and chief executive officers. It will also be of use to personnel in non-IT roles, in an effort to make this unwieldy subject more comprehensible to those who, in a worst-case scenario, will be on the receiving end of requests for six- or seven-figure excess budgets to cope with severe incidents.

About the author

Michael Krausz studied physics, computer science and law at the Vienna University of Technology, Vienna University and Webster University. Over the last 20 years he has become an accomplished professional investigator, IT expert and ISO 27001 auditor, investigating over a hundred cases of information security breaches. He has delivered over 5,000 hours of professional and academic training, and has provided consulting or investigation services in 21 countries.

Buy this book today and better understand how to manage information security breaches in your organisation.
Contents:
Intro
Foreword
Preface
About the Author
Acknowledgements
Contents
Introduction
Part 1 - General
Chapter 1: Why Risk does Not Depend on Company Size
Risk effect
Propagation of damage (downstream effects)
Culture
Information security staff
Cash reserves / cash at hand
Ability to improvise / make quick decisions
Preparedness
Contacts with authority
Chapter 2: Getting your Risk Profile Right
Intuitive risk analysis
Formal risk analysis
Step 1 - Identifying threats
Step 2 - Assigning damage and likelihood
Step 3 - Defining acceptable loss
Step 4 - Defining mitigation priorities (business priorities)
Residual risks
Chapter 3: What is a Breach?
Confidentiality breach
Availability breach
Integrity breach
Impact
Source
External vs. internal
Unintentional vs. intentional
Manual vs. automatic
Human vs. nature
General treatment options
Chapter 4: General Avoidance and Mitigation Strategies
Introduction - general aspects, avoidance and related ISO27001 controls
People
A.7.1.1 - Screening
Methods of screening
A.7.1.2 - Terms and conditions of employment
A.7.2.1 - Management responsibilities
A.7.2.2 - Information security awareness, education and training
A.7.2.3 - Disciplinary process
A.7.3.1 - Termination or change of employment
A.8.1.4 - Return of assets
A.9.2.6 - Removal or adjustment of access rights
Processes
Technology
ISO27001 Controls helpful for treatment of breaches
A.6.1.3 - Contact with authorities
A.7.2.3 - Disciplinary process
A.8.1.4 - Return of assets
A.9.2.6 - Removal or adjustment of access rights
A.12.2.1 - Controls against malware
A.12.4.1 - Event logging
A.12.4.2 - Protection of log information
A.16.1.1 - Responsibilities and procedures
A.16.1.2 - Reporting information security events
A.16.1.3 - Reporting security weaknesses
A.16.1.4 - Assessment of and decision on information security events
A.16.1.5 - Response to information security incidents
A.16.1.6 - Learning from information security incidents
A.16.1.7 - Collection of evidence
Strategies and tactics for treating breaches
Tactical advice
Regular meetings
Time, time, time
Rest
People (number)
International contacts
Keep the information flowing
Keep minutes
Additional quality feedback
Dimensions of treatment / mitigation of information security breaches
None
Internal investigation
External investigation
Joint task force
Part 2 - Case studies
Chapter 5: Notes from the Field
Privacy
Cost
The practicalities of surveillance
Speed
Outreach
The truth vs. company policy
Chapter 6: Motives and Reasons
Greed
Despair
Revenge
Business advantage
Chapter 7: Case Studies from Small Companies
Foreword to the case studies
The stolen backup
In-depth explanation
Lessons learned
Eavesdropping on faxes
A stolen laptop
Chapter 8: Case Studies from Medium-sized Companies
A case of intrigue - the missing contract
The sales manager who changed jobs
The project manager who became a friend, and then an enemy
The lost customers - how a sales manager cost a company 10% of revenue
The flood - how not to learn about risk management
Chapter 9: Case Studies from Large Corporations
Who wants my data? - a case of data theft
In-depth explanation
Who wants my data? - a more complicated case
Hard disk for sale - beware of your contractors
Unauthorised domain links - it is easy to harm a company's reputation
The trusted guard who was not
Insider badmouthing
The software vulnerability that was not - a case of blackmail
Part 3 - A Sample Treatment Process
Chapter 10: A Sample Treatment Process
Step 1 Gather information
Step 2 Determine extent and damage
Step 3 Establish and conduct investigation
Step 4 Determine mitigation
Step 5 Implement mitigation
Step 6 Follow up on investigation results
Step 7 Determine degree of resolution achieved
Abbreviations and Acronyms
ITG Resources
Notes:
Includes bibliographical references and index.
Online resource; Title from title page (viewed January 29, 2015)
Description based on publisher supplied metadata and other sources.
ISBN:
9781849285964
1849285969
OCLC:
911246694
