The CIO's guide to information security incident management

This book will help IT and business operations managers who have been tasked with addressing security issues. It provides a solid understanding of security incident response and detailed guidance in the setting up and running of specialist incident management teams. Having an incident response plan is required for compliance with government regulations, industry standards such as PCI DSS, and certifications such as ISO 27001. This book will help organizations meet those compliance requirements.

Introduction Authors Chapter 1 Oh, No. It's All Gone Horribly Wrong! Chapter 2 And, Breathe ... Chapter 3 The First Day of the Rest of Your Life Chapter 4 Introduction Amber Inc. and Jade Ltd. Chapter 5 And What Is a Security Incident? Chapter 6 The Incident Timeline Chapter 7 Types and Priorities Chapter 8 The Investigation Cycle Chapter 9 Roles and Responsibilities Chapter 10 Policies and Documentation Chapter 11 Selecting, Building and Motivating Your Team Chapter 12 Information and Communications Systems Chapter 13 Managing the Backstage Crew Chapter 14 Dealing with External Agencies Chapter 15 Training, Qualification and Certification Chapter 16 Managing the Investigations Cycle: Notification, Reporting and Expectancy Management Chapter 17 Team Management Chapter 18 Recording Information, Activities and Decisions Chapter 19 Post-Incident Review Chapter 20 Network and Security Monitoring Chapter 21 Special Handling Investigations Chapter 22 Crisis Management and Disaster Recovery Chapter 23 Next Steps for the CIO Index