This book will help IT and business operations managers who have been tasked with addressing security issues. It provides a solid understanding of security incident response and detailed guidance in the setting up and running of specialist incident management teams. Having an incident response plan is required for compliance with government regulations, industry standards such as PCI DSS, and certifications such as ISO 27001. This book will help organizations meet those compliance requirements.

chapter 1|8 pages

Oh, No. It's All Gone Horribly Wrong!

chapter 2|8 pages

And, Breathe …

chapter 3|4 pages

The First Day of the Rest of Your Life

chapter 4|4 pages

Introducing Amber Inc. and Jade Ltd.

chapter 5|7 pages

And What Is a Security Incident?

chapter 6|13 pages

The Incident Timeline

chapter 7|11 pages

Types and Priorities

chapter 8|21 pages

The Investigation Cycle

chapter 9|8 pages

Roles and Responsibilities

chapter 10|8 pages

Policies and Documentation

chapter 12|12 pages

Information and Communications Systems

chapter 13|12 pages

Managing the Backstage Crew

chapter 14|8 pages

Dealing with External Agencies

chapter 15|8 pages

Training, Qualification and Certification

chapter 16|13 pages

Managing the Investigations Cycle

Notification, Reporting and Expectancy Management

chapter 17|8 pages

Team Management

chapter 19|13 pages

Post-Incident Review

chapter 20|11 pages

Network and Security Monitoring

chapter 21|9 pages

Special Handling Investigations

chapter 22|8 pages

Crisis Management and Disaster Recovery

chapter 23|7 pages

Next Steps for the CIO