Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents

iebukes Apress 252 次浏览 没有评论
Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents Front Cover

Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents

by Eric C. Thompson
  • Length: 176 pages
  • Edition: 1st ed.
  • Publisher: Apress
  • Publication Date: 2018-11-17
  • ISBN-10: 1484238699
  • ISBN-13: 9781484238691
  • Sales Rank: #1995193 (See Top 100 Books)
Description

Create, maintain, and manage a continual cybersecurity incident response program using the practical steps presented in this book. Don’t allow your cybersecurity incident responses (IR) to fall short of the mark due to lack of planning, preparation, leadership, and management support.

Surviving an incident, or a breach, requires the best response possible. This book provides practical guidance for the containment, eradication, and recovery from cybersecurity events and incidents.

The book takes the approach that incident response should be a continual program. Leaders must understand the organizational environment, the strengths and weaknesses of the program and team, and how to strategically respond. Successful behaviors and actions required for each phase of incident response are explored in the book. Straight from NIST 800-61, these actions include:

  • Planning and practicing
  • Detection
  • Containment
  • Eradication
  • Post-incident actions

What You’ll Learn

  • Know the sub-categories of the NIST Cybersecurity Framework
  • Understand the components of incident response
  • Go beyond the incident response plan
  • Turn the plan into a program that needs vision, leadership, and culture to make it successful
  • Be effective in your role on the incident response team

Who This Book Is For

Cybersecurity leaders, executives, consultants, and entry-level professionals responsible for executing the incident response plan when something goes wrong

Table of Contents

Chapter 1: The Significance of Incident Response
Chapter 2: Necessary Prerequisites
Chapter 3: Incident Response Frameworks
Chapter 4: Leadership, Teams, and Culture
Chapter 5: The Incident Response Strategy
Chapter 6: Cyber Risks and the  Attack Life Cycle
Chapter 7: Detection and  Identification of Events
Chapter 8: Containment
Chapter 9: Eradication, Recovery, and Post-incident Review
Chapter 10: Continuous Monitoring of Incident Response Program
Chapter 11: Incident Response Story
Chapter 12: This Is a Full-Time Job
Appendix: NIST Cybersecurity Framework

下载地址:Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents(访问密码:6531)

 
 扫描二维码,关注微信公众号,发送“FWMM”获取下载访问密码,关注我,永不迷路  
                微信公众号二维码