Managing Information Security Breaches

A comprehensive guide to managing an information security incident Even when organisations take precautions, they may still be at risk of a data breach. Information security incidents do not just affect small businesses; major companies and government departments suffer from them as well. Managing Information Security Breaches sets out a strategic framework for handling this kind of emergency. It focuses on the treatment of severe breaches and on how to re-establish safety and security once the breach has occurred. These recommendations support the controls for the treatment of breaches specified under ISO27001:2005. The author uses cases he has investigated to illustrate the various causes of a breach, ranging from the chance theft of a laptop at an airport to more systematic forms of data theft by criminal networks or for purposes of industrial espionage. These cases studies enable an in-depth analysis of the situations companies face in real life, and contain valuable lessons your organisation can learn from when putting in place appropriate measures to prevent a breach. The actions you take in response to a data breach can have a significant impact on your company's future. Michael Krausz explains what your top priorities should be the moment you realise a breach has occurred, making this book essential reading for IT managers and chief security officers.