Most businesses are aware of the danger posed by malicious network intruders and other internal and external security threats. Unfortunately, in many cases the actions they have taken to secure people, information and infrastructure from outside attacks are inefficient or incomplete. Responding to security threats and incidents requires a competent mixture of risk management, security policies and procedures, security auditing, incident response, legal and law enforcement issues, and privacy.
Critical Incident Management presents an expert overview of the elements that organizations need to address in order to prepare for and respond to network and information security violations. Written in a concise, practical style that emphasizes key points, this guide focuses on the establishment of policies and actions that prevent the loss of critical information or damage to infrastructure.
CTOs, CFOs, Chief Legal Officers, and senior IT managers can rely on this book to develop plans that thwart critical security incidents. And if such incidents do occur, these executives will have a reference to help put the people and procedures in place to contain the damage and get back to business.
Table of Contents
Policies and Procedures
Critical Incident Response and CIRT Development
A-Ports listing for numbers 1-1023
B-RFC 2136-Systems Security
C-Tools for critical incident management
"…explains how to avoid incidents in the first place…The book is so detailed that it sometimes feels like a dense field guide for auditors who cover incident management…contains many gems, such as the legal aspects of critical incidents, from lawsuits and evidence to reporting requirements…offers many ideas for security managers who are considering setting up an incident management team or want to find ways to improve what they have."
Vince Tuesday, Computer World