book

Developing Cybersecurity Programs and Policies, 3rd Edition

by Omar Santos, Sari Greene

August 2018

Intermediate to advanced

672 pages

19h 24m

English

Pearson

Read now

Unlock full access

Information Security vs. Cybersecurity PoliciesLooking at Policy Through the AgesCybersecurity PolicyCybersecurity Policy Life CycleSummaryTest Your Skills
Policy HierarchyWriting Style and TechniquePolicy FormatSummaryTest Your Skills
Confidentiality, Integrity, and AvailabilityNIST’s Cybersecurity FrameworkSummaryTest Your Skills
Understanding Cybersecurity PoliciesCybersecurity RiskSummaryTest Your Skills
Information Assets and SystemsInformation ClassificationLabeling and Handling StandardsInformation Systems InventoryUnderstanding Data Loss Prevention TechnologiesSummaryTest Your Skills
The Employee Life CycleThe Importance of Employee AgreementsThe Importance of Security Education and TrainingSummaryTest Your Skills
Understanding the Secure Facility Layered Defense ModelProtecting EquipmentSummaryTest Your Skills
Standard Operating ProceduresOperational Change ControlMalware ProtectionData ReplicationSecure MessagingActivity Monitoring and Log AnalysisService Provider OversightThreat Intelligence and Information SharingSummaryTest Your Skills
Access Control FundamentalsInfrastructure Access ControlsUser Access ControlsSummaryTest Your Skills
System Security RequirementsSecure CodeCryptographySummaryTest Your Skills
Incident ResponseWhat Happened? Investigation and Evidence HandlingData Breach Notification RequirementsSummaryTest Your Skills
Emergency PreparednessBusiness Continuity Risk ManagementThe Business Continuity PlanPlan Testing and MaintenanceSummaryTest Your Skills
The Gramm-Leach-Bliley ActNew York’s Department of Financial Services Cybersecurity Regulation (23 NYCRR Part 500)What Is a Regulatory Examination?Personal and Corporate Identity TheftSummaryTest Your Skills
The HIPAA Security RuleThe HITECH Act and the Omnibus RuleUnderstanding the HIPAA Compliance Enforcement ProcessSummaryTest Your Skills
Protecting Cardholder DataPCI ComplianceSummaryTest Your Skills
Introducing the NIST Cybersecurity Framework ComponentsThe Framework CoreFramework Implementation Tiers (“Tiers”)NIST’s Recommended Steps to Establish or Improve a Cybersecurity ProgramNIST’s Cybersecurity Framework Reference ToolAdopting the NIST Cybersecurity Framework in Real LifeSummaryTest Your Skills

Content preview from Developing Cybersecurity Programs and Policies, 3rd Edition

Chapter 11 Cybersecurity Incident Response

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

Prepare for a cybersecurity incident.
Identify a cybersecurity incident.
Understand the incident response plan.
Understand the incident response process.
Understand information sharing and coordination.
Identify incident response team structure.
Understand federal and state data breach notification requirements.
Consider an incident from the perspective of the victim.
Create policies related to security incident management.

Incidents happen. Security-related incidents have become not only more numerous and diverse but also more damaging and disruptive. A single incident can cause the ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Developing Cybersecurity Programs and Policies in an AI-Driven World, 4th Edition

Omar Santos

Security Program and Policies: Principles and Practices, Second Edition

Sari Greene

Cybersecurity – Attack and Defense Strategies, 3rd edition - Third Edition

Yuri Diogenes, Dr. Erdal Ozkaya

Security Policies and Implementation Issues, 3rd Edition

Robert Johnson, Chuck Easttom

Publisher Resources

ISBN: 9780134858623

Chapter 11

Cybersecurity Incident Response