國立虎尾科技大學 |

Cybersecurity incident response = how to contain, eradicate, and recover from incidents /

Record Type:	Language materials, printed : Monograph/item
Title/Author:	Cybersecurity incident response/ by Eric C. Thompson.
Reminder of title:	how to contain, eradicate, and recover from incidents /
Author:	Thompson, Eric C.
Published:	Berkeley, CA :Apress : : 2018.,
Description:	xv, 176 p. :ill., digital ; : 24 cm.;
Contained By:	Springer eBooks
Subject:	Computer security - Management. -
Online resource:	https://doi.org/10.1007/978-1-4842-3870-7
ISBN:	9781484238707

Cybersecurity incident response = how to contain, eradicate, and recover from incidents /
Thompson, Eric C.

Cybersecurity incident responsehow to contain, eradicate, and recover from incidents /[electronic resource] :by Eric C. Thompson. - Berkeley, CA :Apress :2018. - xv, 176 p. :ill., digital ;24 cm.

Chapter 1: The Significance of Incident Response -- Chapter 2: Necessary Prerequisites -- Chapter 3: Incident Response Frameworks -- Chapter 4: Leadership, Teams, and Culture -- Chapter 5: The Incident Response Strategy -- Chapter 6: Cyber Risks and the Attack Lifecycle -- Chapter 7: Detection and Identification of Events -- Chapter 8: Containment -- Chapter 9: Eradication, Recovery, and Post-Incident Review -- Chapter 10: Continuous Monitoring of Incident Response Program -- Chapter 11: Incident Response Story -- Chapter 12: This Is a Full-Time Job -- Appendix A: NIST CSF.

Create, maintain, and manage a continual cybersecurity incident response program using the practical steps presented in this book. Don't allow your cybersecurity incident responses (IR) to fall short of the mark due to lack of planning, preparation, leadership, and management support. Surviving an incident, or a breach, requires the best response possible. This book provides practical guidance for the containment, eradication, and recovery from cybersecurity events and incidents. The book takes the approach that incident response should be a continual program. Leaders must understand the organizational environment, the strengths and weaknesses of the program and team, and how to strategically respond. Successful behaviors and actions required for each phase of incident response are explored in the book. Straight from NIST 800-61, these actions include: Planning and practicing Detection Containment Eradication Post-incident actions What You'll Learn: Know the sub-categories of the NIST Cybersecurity Framework Understand the components of incident response Go beyond the incident response plan Turn the plan into a program that needs vision, leadership, and culture to make it successful Be effective in your role on the incident response team.

ISBN: 9781484238707

Standard No.: 10.1007/978-1-4842-3870-7doiSubjects--Topical Terms:

641875
Computer security
--Management.

LC Class. No.: QA76.9.A25 / T466 2018

Dewey Class. No.: 005.8

Cybersecurity incident response = how to contain, eradicate, and recover from incidents /
LDR:02862nam a2200325 a 4500 001 929301
003 DE-He213
005 20190319085926.0
006 m d
007 cr nn 008maaau
008 190626s2018 cau s 0 eng d
020 $a 9781484238707 $q (electronic bk.)
020 $a 9781484238691 $q (paper)
024 7 $a 10.1007/978-1-4842-3870-7 $2 doi
035 $a 978-1-4842-3870-7
040 $a GP $c GP
041 0 $a eng
050 4 $a QA76.9.A25 $b T466 2018
072 7 $a UR $2 bicssc
072 7 $a COM053000 $2 bisacsh
072 7 $a UR $2 thema
082 0 4 $a 005.8 $2 23
090 $a QA76.9.A25 $b T469 2018
100 1 $a Thompson, Eric C. $3 1073733
245 1 0 $a Cybersecurity incident response $h [electronic resource] : $b how to contain, eradicate, and recover from incidents / $c by Eric C. Thompson.
260 $a Berkeley, CA : $b Apress : $b Imprint: Apress, $c 2018.
300 $a xv, 176 p. : $b ill., digital ; $c 24 cm.
505 0 $a Chapter 1: The Significance of Incident Response -- Chapter 2: Necessary Prerequisites -- Chapter 3: Incident Response Frameworks -- Chapter 4: Leadership, Teams, and Culture -- Chapter 5: The Incident Response Strategy -- Chapter 6: Cyber Risks and the Attack Lifecycle -- Chapter 7: Detection and Identification of Events -- Chapter 8: Containment -- Chapter 9: Eradication, Recovery, and Post-Incident Review -- Chapter 10: Continuous Monitoring of Incident Response Program -- Chapter 11: Incident Response Story -- Chapter 12: This Is a Full-Time Job -- Appendix A: NIST CSF.
520 $a Create, maintain, and manage a continual cybersecurity incident response program using the practical steps presented in this book. Don't allow your cybersecurity incident responses (IR) to fall short of the mark due to lack of planning, preparation, leadership, and management support. Surviving an incident, or a breach, requires the best response possible. This book provides practical guidance for the containment, eradication, and recovery from cybersecurity events and incidents. The book takes the approach that incident response should be a continual program. Leaders must understand the organizational environment, the strengths and weaknesses of the program and team, and how to strategically respond. Successful behaviors and actions required for each phase of incident response are explored in the book. Straight from NIST 800-61, these actions include: Planning and practicing Detection Containment Eradication Post-incident actions What You'll Learn: Know the sub-categories of the NIST Cybersecurity Framework Understand the components of incident response Go beyond the incident response plan Turn the plan into a program that needs vision, leadership, and culture to make it successful Be effective in your role on the incident response team.
650 0 $a Computer security $x Management. $3 641875
650 0 $a Computer crimes. $3 564161
650 1 4 $a Security. $3 1114130
710 2 $a SpringerLink (Online service) $3 593884
773 0 $t Springer eBooks
856 4 0 $u https://doi.org/10.1007/978-1-4842-3870-7
950 $a Professional and Applied Computing (Springer-12059)