Data Breach Preparation and Response
eBook - ePub

Data Breach Preparation and Response

Breaches are Certain, Impact is Not

Kevvie Fowler

  1. 254 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS and Android

About this book

Data Breach Preparation and Response: Breaches are Certain, Impact is Not is the first book to provide 360 degree visibility and guidance on how to proactively prepare for and manage a data breach and limit impact. Data breaches are inevitable incidents that can disrupt business operations and carry severe reputational and financial impact, making them one of the largest risks facing organizations today. The effects of a breach can be felt across multiple departments within an organization, who will each play a role in effectively managing the breach. Kevvie Fowler has assembled a team of leading forensics, security, privacy, legal, public relations and cyber insurance experts to create the definitive breach management reference for the whole organization.

  • Discusses the cyber criminals behind data breaches and the underground dark web forums they use to trade and sell stolen data
  • Features never-before published techniques to qualify and discount a suspected breach or to verify and precisely scope a confirmed breach
  • Helps identify your sensitive data, and the commonly overlooked data sets that, if stolen, can result in a material breach
  • Defines breach response plan requirements and describes how to develop a plan tailored for effectiveness within your organization
  • Explains strategies for proactively self-detecting a breach and simplifying a response
  • Covers critical first-responder steps and breach management practices, including containing a breach and getting the scope right, the first time
  • Shows how to leverage threat intelligence to improve breach response and management effectiveness
  • Offers guidance on how to manage internal and external breach communications, restore trust, and resume business operations after a breach, including the critical steps after the breach to reduce breach-related litigation and regulatory fines
  • Illustrates how to define your cyber-defensible position to improve data protection and demonstrate proper due diligence practices


Information

Publisher
Syngress
Year
2016
ISBN
9780128034507
Chapter 1

An Overview of Data Breaches

Kevvie Fowler

Abstract

This chapter sets the common understanding of what a data Breach is, individuals' responsibility, the impact experienced by the victims, and some of the historical challenges faced by organizations in responding to Breaches. Common terms will be established in this chapter that will be referenced throughout the book.

Keywords

Data Breach; Invisible web; Sensitive data; Petty criminal; Nation state sponsored criminal; Organized criminal; Organized crime; Hacktivist; Dark web; Deep web; Underground economy

Introduction

You are at home watching television when your phone rings. It's your boss, who advises you that your company has received complaints about fraudulent activity that has been traced back to your organization. He feels that there may have been a security Breach within your systems and needs you to come into work immediately to help manage the incident. Arriving at the office and on your way to a meeting that has been called, you begin to think to yourself that although you’ve managed smaller incidents such as malware outbreaks, your organization has never managed anything like this. Glancing around the meeting room at the assembled members of the public relations, legal, IT, security, and executive teams, you see a common look of despair and disbelief. No one appears to be in control, and at that moment you begin to get a sick feeling in your stomach as management asks the dreaded questions: How do you begin to investigate and manage the Breach? How do you recover? What will investors make of this?
Unfortunately, the above scenario is an all too familiar one. As cyber criminals gain greater sophistication, the number of Breaches is increasing, and many organizations are no longer questioning whether a Breach will occur but understand that they will experience one or have already experienced one and don’t yet know it. The impact of these Breaches can be catastrophic, with the 2011 Breach of Sony Corporation’s online videogame services serving as an example with reported losses of over $1 billion USD.1
Proactively preparing for a Breach has been proven to significantly reduce the associated impact to an organization by 23%.2 This book can serve as both a guide to aid in the proactive preparation for a Breach to minimize impact and as a reference that can be used to reactively qualify, manage, and recover from Breaches.

What Is a Data Breach?

In this day and age, it’s difficult to ignore the fact that cyber security is on everyone’s mind. Whether it surfaces in a discussion within the Boardroom or the lunch room, the discussion doesn’t go far before cyber security and data Breaches are discussed. Often it’s about the latest organization to fall victim to a Breach or what an organization is or should be doing to protect itself. A Google search of “data Breach” will result in millions of hits, many with conflicting definitions of what a data Breach is. I will not debate which definitions are correct or which ones are not; what I will do is define key Breach-related terms that are used throughout this book to ensure proper context and clarity.
  • Security Event: An action directed to a system, network, or human intended to alter the target’s state
  • Security Incident: An event that violates organizational, regulatory, legislative or contractual security, or privacy policies
  • Data Breach (“Breach”): A security incident that:
      • Involves the intentional or unintentional access, disclosure, manipulation or destruction of data; or
      • Meets specific definitions of a “Breach” as per state/province or federal laws or active contracts with clients, third parties or partners
Looking at our three definitions, most organizations have millions of events that occur on any given day; a subset of these events will be qualified as actual security incidents, and a subset of those incidents will be qualified as Breaches. It is good practice to treat all incidents as potential Breaches until they can be properly qualified. Otherwise, an incident that is not managed with the urgency and attention of a Breach can later be qualified as one, exposing the organization to increased lawsuits, fines, and reputational damage. We’ll talk more about this later in this chapter.
Our Breach definition is holistic in nature and covers most known Breach scenarios. Popular examples that fit this definition include a cyber criminal breaking into a computer to steal data; a malicious insider who abuses personal access to systems and alters or discloses data to unauthorized users; or an employee or third party who inadvertently loses data contained on a backup tape, USB key, or other forms of storage media.
Breaches are not singular events that can be solved by bringing a few technologically savvy team members into a room. Breaches are one of the most complex challenges a business can face and require proper preparation in order to ensure they are managed throughout their entire lifecycle.

Lifecycle of a Breach

Cyber security for decades has been viewed by many primarily as a technology issue. This narrow view unfortunately has extended to Breach management resulting in Breach response plans being developed focusing squarely on technological response. With this focus, they often center around how to quickly identify and remove a compromised server or laptop from a network in order to limit impact to business operations. Technological response, however, is just one phase of a series of events a Breached organization will need to go through in order to recover. This series of events is referred to as a Breach lifecycle. The lifecycle begins before the Breach is detected and ends long after the Breach has vanished from the headlines and business operations have resumed. We will refer to this entire process as the data Breach lifecycle which is illustrated in Fig. 1.1.

Figure 1.1 Breach lifecycle.
In line with other business and technology lifecycles, there are outliers which may not traverse the Breach lifecycle in its entirety or in the same order as captured (Table 1.1). This Breach lifecycle, however, does encompass a wide range of Breaches and will be used as the basis of structured proactive Breach readiness within this book. Understanding the Breach lifecycle is a critical step in ensuring holistic Breach prevention planning for an organization.
Table 1.1 Data Breach Lifecycle Phases

| Phase | Description | Chapter Reference |
|---|---|---|
| 1. Preparedness | The steps an organization takes in advance of a Breach to identify sensitive information, implement cyber defenses and detection capabilities, and to develop and test a Computer Security Incident Response (CSIR) Plan to manage an incident. Most organizations that suffer a material security incident have gone through this phase and have operated under the impression they were covered to an acceptable level. However, errors in asset identification, security strategies, and incident response capabilities are often quickly highlighted during and after management of an incident, and organizations will almost always revisit this step after an incident to further improve preparedness, including bolstering cyber security controls and response capabilities based on lessons learned. This phase is the beginning and the end of the management of any material incident. | Chapters 2, 3, and 8 |
| 2. Detection | The moment an organization is alerted about a security incident, whether the incident was detected by organizational security controls, staff or by a third party organization or individual. After the detection of an incident, it is critical that it is escalated appropriately to invoke the CSIR Plan. Several industry Breaches have resulted in increased impact to the victim organization due to the mishandling of detection events which were ignored or not properly routed to the organization’s CSIR Team... | |

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. About the Author
  6. About the Contributors
  7. Acknowledgments
  8. Chapter 1: An Overview of Data Breaches
  9. Chapter 2: Preparing to Develop a Computer Security Incident Response Plan
  10. Chapter 3: Developing a Computer Security Incident Response Plan
  11. Chapter 4: Qualifying and Investigating a Breach
  12. Chapter 5: Containing a Breach
  13. Chapter 6: Precisely Determining the Scope of a Breach
  14. Chapter 7: Communicating Before, During and After a Breach
  15. Chapter 8: Restoring Trust and Business Services After a Breach
  16. Chapter 9: Preparing for Breach Litigation
  17. Appendix
  18. Index
Citation styles for Data Breach Preparation and Response

APA 6 Citation

Fowler, K. (2016). Data Breach Preparation and Response ([edition unavailable]). Elsevier Science. Retrieved from https://www.perlego.com/book/1809652/data-breach-preparation-and-response-breaches-are-certain-impact-is-not-pdf (Original work published 2016)

Chicago Citation

Fowler, Kevvie. (2016) 2016. Data Breach Preparation and Response. [Edition unavailable]. Elsevier Science. https://www.perlego.com/book/1809652/data-breach-preparation-and-response-breaches-are-certain-impact-is-not-pdf.

Harvard Citation

Fowler, K. (2016) Data Breach Preparation and Response. [edition unavailable]. Elsevier Science. Available at: https://www.perlego.com/book/1809652/data-breach-preparation-and-response-breaches-are-certain-impact-is-not-pdf (Accessed: 15 October 2022).

MLA 7 Citation

Fowler, Kevvie. Data Breach Preparation and Response. [edition unavailable]. Elsevier Science, 2016. Web. 15 Oct. 2022.