Computer Incident Response Planning Handbook: Executable Plans for Protecting Information at Risk

ISBN-10: 007179039X
ISBN-13: 9780071790390
Edition: 2012
Book details

List price: $60.00
Copyright year: 2012
Publisher: McGraw-Hill Education
Publication date: 8/7/2012
Binding: Paperback
Pages: 240
Size: 7.25" wide x 9.00" long x 0.50" tall
Weight: 0.880
Language: English

Based on proven, rock-solid computer incident response plans

The Computer Incident Response Planning Handbook is derived from real-world incident response plans that work and have survived audits and repeated execution during data breaches and due diligence. The book provides an overview of attack and breach types, strategies for assessing an organization, types of plans, and case examples. Tips for keeping data contained, reputations defended, and recognizing and handling the magnitude of any given threat are included.

The Computer Incident Response Planning Handbook:
Contains ready-to-implement incident response plans with guidelines for ongoing due diligence, all based on actual, working, and tested CIRPs
Prepares you to immediately build a CIRP for any organization, and keep that plan maintained
Explains all the essentials involved in developing both data breach and malware outbreak CIRPs derived from tested incident response plans that have survived the rigors of repeated execution
Clearly explains how to minimize the risk of post-event litigation, brand impact, fines and penalties—and how to protect shareholder value
Supports corporate compliance with industry standards and requirements like PCI, HIPAA, SOX, CA SB-1386
All plans derived from the book are technology-agnostic
Provides supplementary reading to professionals studying for the CERT Certified Computer Security Incident Handler exam or the SANS/GIAC Certified Incident Handler exam (GCIH)

In-depth coverage: The Latest Cyber Attacks and How They Are Business Killers; The Nebulous Standard of Cyber Due Diligence & The New Era of Information Risk; Introduction to Planning & Crisis; A Plan is Preparation Manifested; Getting More Out of Your Plans; Developing a Data Breach CIRP – Incident Preparation, Plan Execution, and Post-incident Planning; Developing a Malware Outbreak CIRP – Incident Preparation, Plan Execution, and Post-incident Planning; References

N.K. McCarthy, CISSP, has more than twenty years of information technology experience and currently manages information security operations/threat and vulnerability management for Safeway Corporation, where he manages an international staff and around-the-clock event monitoring. He has also managed information security operations and threat and vulnerability management for a Fortune 50 corporation, and has held roles in IT that include systems programming, consulting, technical management and sales. He is a thirty-year Marine Corps reservist holding the rank of Lieutenant Colonel and is currently assigned to U.S. Cyber Command. Post-9/11, he served as an Information Warfare Officer at the Pentagon and NSA. He was certified by FEMA for its Incident Command System and the National Incident Management System. He is on the board of directors of the San Francisco Bay Area/Silicon Valley chapter of the FBI’s InfraGard program. McCarthy holds a BS in Computer Science and an MBA.

Acknowledgments
Introduction
The Threat Landscape
Introduction to Planning and Crisis
The Absence of Planning
Key Concepts
The OODA Loop
Fog of War
Friction
Center of Gravity
Unity of Command
Maintaining the Initiative
Tactical, Operational, and Strategic Perspectives
Requirements-Driven Execution
End State
Military Decision-Making Process
A Plan Is Preparation Manifested
Anticipation: Objectives and Requirements
Collaboration: Socialization and Normalization
Research: The Availability of Relevant Information
The Ad Hoc Organization for Time of Crisis
The Value of Documentation
Cyber Due Diligence in an Era of Information Risk
Regulation
Gramm-Leach-Bliley Act (Financial Services Modernization Act of 1999)
The Health Insurance Portability and Accountability Act of 1996
Sarbanes-Oxley Act of 2002
State Breach Requirements
Industry Standards
Federal/State Enforcement
Contractual Enforcement
What Standards?
ISO/IEC 27000 Series
FFIEC
PCI DSS
Service Organization Controls
Shared Assessments
How Do I Know that I'm Doing the Right Thing?
Independent Review
Internal Audit
Tabletop Exercises
How Do I Keep It Up?
COBIT
ISO/IEC 27005 (Information Security Risk Management)
ITIL
Bringing It Together
Top-Down Approval
Values
Policies
Ownership
Procedures and Controls
Measurement and Monitoring
Education
Calendar for Testing Processes and Controls
Independent Review
Internal Oversight
Planning for Crisis
Getting More Out of Your Plans
Proactively Using Plans During Period of Heightened Risk
Understanding How Your ISOC Works
Building Relationships Outside of IT
Leveraging Your CIRP to Develop Relationships with Law Enforcement
Using Plans to Augment Your Current ERM Efforts
Writing Your Computer Incident Response Plan
What Problem Are You Solving?
Don't Bother if You Don't Have an Executive Sponsor
Using an Advisory Committee: My Plan vs. Our Plan
Understanding Your Audiences
Leveraging the Table of Contents
Plan Introduction
Incident Preparation
Incident Detection, Analysis, and Declaration
Incident Response
Plan Maintenance/Post Incident
Development of an Ad Hoc Organization to Respond to Crisis
Plan Development: Data Breach
Your Data Breach CIRP: Incident Preparation
Foreword
Plan Introduction
Plan Objective
Plan Scope and Assumptions
Plan Execution and Command Topologies
Plan Structure
Updating and Synchronization
Incident Preparation
Statutory/Compliance Framework
Sensitive Data
PCI Data Map (Tab A) **RESTRICTED**
ISOC Threat Portfolio (PCI) (Tab B) **RESTRICTED**
PCI Log Data (Tab C)
Third-Party (Payment) Connections (Tab D)
Third-Party Services
PCI Forensic Investigator (PFI)
Identity Protection Services
Compromise Notification Fulfillment
Sources of Precursors and Indicators
Incident Thresholds
Data Threshold
Compromise Threshold
Incident Analysis
Technical Impact
Business Impact
Incident Categories
Priority 1
Priority 2
Non-Actionable/Informational
Incident Declaration
Incident Notification and Mobilization
Incident Documentation
Your Data Breach CIRP: Plan Execution
Plan Execution
Organization and Roles
Process and Rhythm
Synchronization and Decision-Making
Status Reports
Mandatory Reporting/Notification(s)
Payment Card Industry Data Security Standard (PCI DSS)
Release of "Public-Facing Documents"
Draft/Approve/Release Process
Public-Facing Documents Participants
Evidence Discovery and Retention
Criminal Prosecution
Civil Litigation
Managing Evidence
Liaison with Local Law Enforcement
XYZ Loss Prevention (LE Liaison)
Law Enforcement Points of Contact (POC) (Tab I)
Incident Containment, Eradication, and Recovery
The XYZ (Data Compromise) CIRP SWAT Team
Containment
Eradication and Recovery
Remediation
Compensating Controls
Disaster Recovery/Business Continuity
CIRP Roles and Responsibilities
Human Resources
Your Data Breach CIRP: Post Incident Planning and Maintenance
Post-Incident Activity
Incident Termination
Plan Maintenance
Overview
Regular Updates
Verification/Updates of Perishable Data
Annual Testing of the Plan
Plan Development: Malware
Your Malware Outbreak CIRP: Incident Preparation
Foreword
Plan Introduction
Plan Objective
Plan Execution and Command Topologies
Plan Ownership
Supporting Documentation
Incident Preparation
Isolation Points within the XYZ Enterprise
Business Impact Overlay of Isolation Points
ISOC Threat Portfolio
Third-Party Support Services
PCI Forensics Investigator (PFI)
BXD Long Sight Threat Management System
Incident Detection, Analysis, and Declaration
Sources of Precursors and Indicators
ISOC Monitoring Feeds
Field Services Responding to Malware Calls
NOC, Service Desk, and Other Internal Sources of Detection
Incident Threshold
Incident Analysis
Technical Impact
Business Impact
Incident Declaration
Incident Notification and Mobilization
Incident Documentation
Your Malware Outbreak CIRP: Plan Execution
Plan Execution
Organization and Roles
Operational Sequencing
Operational Priorities
Operational Resources
Synchronization and Decision Making
Your Malware Outbreak CIRP: Post Incident Planning and Maintenance
Incident Termination
Criteria for Terminating an Incident
Plan Maintenance
Overview
Quarterly Updates
Annual Testing of the Plan
Closing Thoughts
New Age for InfoSec Professionals
Paradigm #1: The New Consciousness of the Zero-Day Attack
Paradigm #2: The Need for Transparent Due Diligence
Paradigm #3: Consequence-Based Information Security
Paradigm #4: The Constant Challenge of Change
Paradigm #5: While We're All Focusing on the Silicon-Based Systems, the Bad Guys Are Targeting the Carbon-Based Ones
Appendixes
Useful Online Resources
Computer Incident Response Plan (CIRP) Management Checklist
Glossary
Index
