• Complain

Eric C. Thompson - Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents

Here you can read online Eric C. Thompson - Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2018, publisher: Apress, genre: Computer / Science. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Eric C. Thompson Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents
  • Book:
    Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents
  • Author:
  • Publisher:
    Apress
  • Genre:
  • Year:
    2018
  • Rating:
    3 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 60
    • 1
    • 2
    • 3
    • 4
    • 5

Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Create, maintain, and manage a continual cybersecurity incident response program using the practical steps presented in this book. Dont allow your cybersecurity incident responses (IR) to fall short of the mark due to lack of planning, preparation, leadership, and management support.Surviving an incident, or a breach, requires the best response possible. This book provides practical guidance for the containment, eradication, and recovery from cybersecurity events and incidents.The book takes the approach that incident response should be a continual program. Leaders must understand the organizational environment, the strengths and weaknesses of the program and team, and how to strategically respond. Successful behaviors and actions required for each phase of incident response are explored in the book. Straight from NIST 800-61, these actions include:Planning and practicingDetectionContainmentEradicationPost-incident actionsWhat Youll LearnKnow the sub-categories of the NIST Cybersecurity FrameworkUnderstand the components of incident responseGo beyond the incident response planTurn the plan into a program that needs vision, leadership, and culture to make it successfulBe effective in your role on the incident response teamWho This Book Is ForCybersecurity leaders, executives, consultants, and entry-level professionals responsible for executing the incident response plan when something goes wrong

Eric C. Thompson: author's other books


Who wrote Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents? Find out the surname, the name of the author of the book and a list of all author's works by series.

Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
Contents
Landmarks
Eric C Thompson Cybersecurity Incident Response How to Contain Eradicate - photo 1
Eric C. Thompson
Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents
Eric C Thompson Lisle Illinois USA Any source code or other supplementary - photo 2
Eric C. Thompson
Lisle, Illinois, USA

Any source code or other supplementary material referenced by the author in this book is available to readers on GitHub via the books product page, located at www.apress.com/9781484238691 . For more detailed information, please visit http://www.apress.com/source-code .

ISBN 978-1-4842-3869-1 e-ISBN 978-1-4842-3870-7
https://doi.org/10.1007/978-1-4842-3870-7
Library of Congress Control Number: 2018957666
Eric C. Thompson 2018
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.
Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.
While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.
Distributed to the book trade worldwide by Springer Science+Business Media New York, 233 Spring Street, 6th Floor, New York, NY 10013. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail orders-ny@springer-sbm.com, or visit www.springeronline.com. Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.
Introduction

There are two reasons I wrote this book. The first, Ive sat through several incident response table-top exercises and witnessed firsthand how uncomfortable the process is when one does not feel prepared. Second, I read Urban Meyers book above the line, which I felt spoke to me about how to create a culture of preparation, teamwork and no excuses.

This book is not a technical book with deep dives into incident response forensics. You will not learn how to perform and analyze memory dumps here. This work focuses on how to establish an incident response program. It focuses on policy, strategy, people and process. It was written for members of incident response teams building and enhancing the program and for executives and members of management. Stakeholder in incident response not part of IT can read this book and get a sense of what the incident response program should look like.

This book begins by discussing the need for strong incident response capabilities. In this current landscape, cybersecurity programs are judged by the ability to respond to incidents. Necessary protective capabilities must exist and a framework for responding to incidents established. Leadership qualities, strategy development and pre-planning are covered. Each phase of incident response: identification, containment, eradication and recovery are outlined in detail before discussion how to monitor the program using NIST 800-137 is presented.

The book is ends with a story about an incident designed to show how unplanned and unfocused responses leads to worse outcomes.

The reader is left with thoughts on how take action toward building and enhancing the incident response program, and knowledge of how much effort it takes to be successful.

Acknowledgments

Again, I want to thank Susan McDermott and Rita Fernando for making this project come to life. Also, thank you to Andy Reeder for his help as technical editor.

Table of Contents
About the Author and About the Technical Reviewer
About the Author
Eric C. Thompson
is an accomplished governance risk and compliance professional As of - photo 3
is an accomplished governance, risk, and compliance professional. As of Director of Information Security and Compliance at Blue Health Intelligence (BHI), Eric leads efforts to increase cyber security maturity in several domains, including governance, policy and controls, risk management, cyber security strategy, and business alignment. He established the risk management function which includes assessment, analysis and treatments of risks, threat and vulnerability management strategy, and due diligence requirements for assessing third-party risk. In his new role, Eric added cybersecurity operations and incident response to his list of responsibilities. Both are now information security passions.

Prior to BHI, Eric spent seven years at Ernst & Young in the Advisory practice where he specialized in helping healthcare organizations (providers, payers, and business associates) solve problems related to information security, risk management, and compliance when dealing with electronic medical records. Eric led the HITRUST Common Security Framework (CSF) cybersecurity program management and third-party risk management assessments.

Eric is also a proud member of the SANS Mentor team.

About the Technical Reviewer
Andrew Reeder
serves as the HIPAA Health Insurance Portability and Accountability Act of - photo 4
serves as the HIPAA (Health Insurance Portability and Accountability Act of 1996) security officer and director of HIPAA Privacy at Rush University Medical Center, a major academic medical center in Chicago. In this role, Andy provides leadership in achieving regulatory compliance related to information-protection requirements, with major responsibilities including response and investigation into HIPAA privacy and security incidents, coordination of patient privacy rights actions, and policy development. Andy also serves as an adjunct faculty member in the College of Computing and Digital Media at DePaul University, where he teaches cybersecurity and information assurance topics at the graduate and undergraduate levels. Andy has been involved in providing privacy and information security services for many years and has previously served as director, Information Security, for a major Chicago-area regional healthcare provider and as a senior manager at a major professional services firm. He holds CISSP, CISA, CISM, CHPC, and HCISPP certifications and a masters degree in public administration.
Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents»

Look at similar books to Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents»

Discussion, reviews of the book Cybersecurity Incident Response How to Contain, Eradicate, and Recover from Incidents and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.