Cyber breach response that actually works (Record no. 69286)
000 - LEADER | |
---|---|
fixed length control field | 04586cam a2200457Ia 4500 |
001 - CONTROL NUMBER | |
control field | on1159165163 |
005 - DATE AND TIME OF LATEST TRANSACTION | |
control field | 20220711203605.0 |
008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
fixed length control field | 200620s2020 inu o 001 0 eng d |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
ISBN | 9781119679349 |
-- | (electronic bk. : oBook) |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
ISBN | 1119679346 |
-- | (electronic bk. : oBook) |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
ISBN | 9781119679318 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
ISBN | 1119679311 |
082 04 - CLASSIFICATION NUMBER | |
Call Number | 005.8 |
100 1# - AUTHOR NAME | |
Author | Gorecki, Andrew. |
245 10 - TITLE STATEMENT | |
Title | Cyber breach response that actually works |
Sub Title | organizational approach to managing residual risk / |
260 ## - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) | |
Place of publication | Indianapolis : |
Publisher | Wiley, |
Year of publication | 2020. |
300 ## - PHYSICAL DESCRIPTION | |
Number of Pages | 1 online resource (323 p.) |
500 ## - GENERAL NOTE | |
Remark 1 | Description based upon print version of record. |
505 0# - FORMATTED CONTENTS NOTE | |
Remark 2 | Cover -- Title Page -- Copyright Page -- About the Author -- About the Technical Editors -- Acknowledgments -- Contents at a Glance -- Contents -- Foreword -- Introduction -- Who Should Read This Book -- How This Book Is Organized -- How to Contact Wiley or the Author -- Notes -- Chapter 1 Understanding the Bigger Picture -- Evolving Threat Landscape -- Identifying Threat Actors -- Cyberattack Lifecycle -- Defining Cyber Breach Response -- Events, Alerts, Observations, Incidents, and Breaches -- What Is Cyber Breach Response? -- Identifying Drivers for Cyber Breach Response -- Risk Management |
505 8# - FORMATTED CONTENTS NOTE | |
Remark 2 | Cyber Threat Intelligence -- Laws and Regulations -- Changing Business Objectives -- Incorporating Cyber Breach Response into a Cybersecurity Program -- Strategic Planning -- Designing a Program -- Implementing Program Components -- Program Operations -- Continual Improvement -- Strategy Development -- Strategic Assessment -- Strategy Definition -- Strategy Execution -- Roadmap Development -- Governance -- Establishing Policies -- Identifying Key Stakeholders -- Business Alignment -- Continual Improvement -- Summary -- Notes -- Chapter 2 Building a Cybersecurity Incident Response Team |
505 8# - FORMATTED CONTENTS NOTE | |
Remark 2 | Defining a CSIRT -- CSIRT History -- Defining Incident Response Competencies and Functions -- Proactive Functions -- Reactive Functions -- Creating an Incident Response Team -- Creating an Incident Response Mission Statement -- Choosing a Team Model -- Organizing an Incident Response Team -- Hiring and Training Personnel -- Establishing Authority -- Introducing an Incident Response Team to the Enterprise -- Enacting a CSIRT -- Defining a Coordination Model -- Communication Flow -- Assigning Roles and Responsibilities -- Business Functions -- Legal and Compliance |
505 8# - FORMATTED CONTENTS NOTE | |
Remark 2 | Information Technology Functions -- Senior Management -- Working with Outsourcing Partners -- Outsourcing Considerations -- Establishing Successful Relationships with Vendors -- Summary -- Notes -- Chapter 3 Technology Considerations in Cyber Breach Investigations -- Sourcing Technology -- Comparing Commercial vs. Open Source Tools -- Developing In-House Software Tools -- Procuring Hardware -- Acquiring Forensic Data -- Forensic Acquisition -- Live Response -- Incident Response Investigations in Virtualized Environments -- Traditional Virtualization -- Cloud Computing |
505 8# - FORMATTED CONTENTS NOTE | |
Remark 2 | Leveraging Network Data in Investigations -- Identifying Forensic Evidence in Enterprise Technology Services -- Domain Name System -- Dynamic Host Configuration Protocol -- Web Servers -- Databases -- Security Tools -- Log Management -- What Is Logging? -- What Is Log Management? -- Log Management Lifecycle -- Collection and Storage -- Managing Logs with a SIEM -- Summary -- Notes -- Chapter 4 Crafting an Incident Response Plan -- Incident Response Lifecycle -- Preparing for an Incident -- Detecting and Analyzing Incidents -- Containment, Eradication, and Recovery -- Post-Incident Activities |
500 ## - GENERAL NOTE | |
Remark 1 | Understanding Incident Management |
500 ## - GENERAL NOTE | |
Remark 1 | Includes index. |
590 ## - LOCAL NOTE (RLIN) | |
Local note | John Wiley and Sons |
650 #0 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
General subdivision | Management. |
650 #7 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
General subdivision | Management. |
856 40 - ELECTRONIC LOCATION AND ACCESS | |
Uniform Resource Identifier | https://doi.org/10.1002/9781119679349 |
942 ## - ADDED ENTRY ELEMENTS (KOHA) | |
Koha item type | eBooks |
650 #0 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
-- | Computer security |
650 #7 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
-- | Computer security |
-- | (OCoLC)fst00872493 |
994 ## - | |
-- | 92 |
-- | DG1 |
No items available.