Powerful Google developer tools for immediate impact! (2023-24 C)
Breach response
1. Best Practices for Incident Response Management in SME vs. Enterprise Claudiu Popa, CISSP CISA CIPP CRMP President, Informatica Corporation
2.
3.
4. ISO 27000 Define overall scope of program Look for IM in security policy Conduct a risk assessment or BIA Manage identified risks Select IM-specific controls Report on IM control & ISIRT* effectiveness *Information Security Incident Response Team Structure Risk Assessment and Treatment Security Policy Organization of Information Security Asset Management Human Resources Security Physical Security Communications and Ops Management Access Control Information Systems Acquisition, Development, Maintenance Information Security Incident management Business Continuity Compliance 001 Audit 002 Content
5.
6.
7.
8.
9.
10.
11.
12.
13. Discussion Where is incident management headed? What is the evolution of breach response? Are there any competitive / financial benefits?
14.
Hinweis der Redaktion
A best practice discussion on what a solid Incident Response Plan (IRP) should look like, as well as an analysis of the ISO 27001 standards, with particular attention on the differences between SME’s and large organizations.
The content sections are: Structure Risk Assessment and Treatment Security Policy Organization of Information Security Asset Management Human Resources Security Physical Security Communications and Ops Management Access Control Information Systems Acquisition, Development, Maintenance Information Security Incident management Business Continuity Compliance
13. INFORMATION SECURITY INCIDENT MANAGEMENT 13.1 REPORT INFORMATION SECURITY EVENTS AND WEAKNESSES 13.1.1 REPORT INFORMATION SECURITY EVENTS AS QUICKLY AS POSSIBLE 13.1.2 REPORT SECURITY WEAKNESSES IN SYSTEMS AND SERVICES 13.2 MANAGE INFORMATION SECURITY INCIDENTS AND IMPROVEMENTS 13.2.1 ESTABLISH INCIDENT RESPONSE RESPONSIBILITIES AND PROCEDURES 13.2.2 LEARN FROM YOUR INFORMATION SECURITY INCIDENTS 13.2.3 COLLECT EVIDENCE TO SUPPORT YOUR ACTIONS