The Computer Incident Response Planning Handbook: Executable Plans for Protecting Information at Risk

Based on proven, rock-solid computer incident response plans The Computer Incident Response Planning Handbookis derived from real-world incident response plans that work and have survived audits and repeated execution during data breaches and due diligence. The book provides an overview of attack and breach types, strategies for assessing an organization, types of plans, and case examples. Tips for keeping data contained, reputations defended, and recognizing and handling the magnitude of any given threat are included. The Computer Incident Response Planning Handbook Contains ready-to-implement incident response plans with guidelines for ongoing due diligence, all based on actual, working, and tested CIRPs Prepares you to immediately build a CIRP for any organization, and keep that plan maintained Explains all the essentials involved in developing both data breach and malware outbreak CIRPs derived from tested incident response plans that have survived the rigors of repeated execution Clearly explains how to minimize the risk of post-event litigation, brand impact, fines and penaltiesand how to protect shareholder value Supports corporate compliance with industry standards and requirements like PCI, HIPAA, SOX, CA SB-1386 All plans derived from the book are technology-agnostic Provides supplementary reading to professionals studying for the CERT Certified Computer Security Incident Handler exam or the SANS/GIAC Certified Incident Handler exam (GCIH) In-depth coverage: The Latest Cyber Attacks and How They Are Business Killers; The Nebulous Standard of Cyber Due Diligence &. The New Era of Information Risk; Introduction to Planning & Crisis; A Plan is Preparation Manifested; Getting More Out of Your Plans; Developing a Data Breach CIRP Incident Preparation, Plan Execution, and Post-incident Planning; Developing a Malware Outbreak CIRP Incident Preparation, Plan Execution, and Post-incident Planning; References

N.K. McCarthy has more than 20 years of experience in the IT sector, most recently managing the information security operations / threat and vulnerability management team for a Fortune 100 corporation. He is a retired Lieutenant Colonel in the U.S. Marine Corps Reserve where he served as an Information Warfare Officer working at the U.S. Strategic Command, the Pentagon, and the National Security Agency (NSA). Mr. McCarthy is currently on the Board of Directors of the San Francisco Bay Area and Silicon Valley chapter of the FBI's Infragard program.

Introduction: The Latest Cyber Attacks: Business Killers

Part 1: The Threat Landscape
Ch 1 Introduction to Planning & Crisis
Ch 2 The Nebulous Standard of Cyber Due Diligence & The New Era of Information Risk

Part 2: Planning for Crisis
Ch 3 A Plan is Preparation Manifested
Ch 4 Writing Your Computer Incident Response Plan

Part 3: Plan Development - Data Breach
Ch 5 Your Data Breach CIRP - Incident Preparation
Ch 6 Developing a Data Breach CIRP - Plan Execution
Ch 7 Your Data Breach CIRP - Post Incident Planning & Maintenance

Part 4: Plan Development - Malware
Ch 8 Your Malware Outbreak CIRP - Incident Preparation
Ch 9 Your Malware Outbreak CIRP - Plan Execution
Ch 10 Your Malware Outbreak CIRP - Post Incident Planning
Ch 11 Closing Thoughts