The Computer Incident Response Planning Handbook ─ Executable Plans for Protecting Information at Risk

Based on proven, rock-solid computer incident response plans

The Computer Incident Response Planning Handbook is derived from real-world incident response plans that work and have survived audits and repeated execution during data breaches and due diligence. The book provides an overview of attack and breach types, strategies for assessing an organization, types of plans, and case examples. Tips for keeping data contained, reputations defended, and recognizing and handling the magnitude of any given threat are included.

The Computer Incident Response Planning Handbook

• Contains ready-to-implement incident response plans with guidelines for ongoing due diligence, all based on actual, working, and tested CIRPs
• Prepares you to immediately build a CIRP for any organization, and keep that plan maintained
• Explains all the essentials involved in developing both data breach and malware outbreak CIRPs derived from tested incident response plans that have survived the rigors of repeated execution
• Clearly explains how to minimize the risk of post-event litigation, brand impact, fines and penalties—and how to protect shareholder value
• Supports corporate compliance with industry standards and requirements like PCI, HIPAA, SOX, CA SB-1386
• All plans derived from the book are technology-agnostic
• Provides supplementary reading to professionals studying for the CERT Certified Computer Security Incident Handler exam or the SANS/GIAC Certified Incident Handler exam (GCIH)

In-depth coverage:
The Latest Cyber Attacks and How They Are Business Killers; The Nebulous Standard of Cyber Due Diligence &. The New Era of Information Risk; Introduction to Planning & Crisis; A Plan is Preparation Manifested; Getting More Out of Your Plans; Developing a Data Breach CIRP – Incident Preparation, Plan Execution, and Post-incident Planning; Developing a Malware Outbreak CIRP – Incident Preparation, Plan Execution, and Post-incident Planning; References

N.K. McCarthy previously managed the Information Security Operations / Threat & Vulnerability Management for a Fortune 50 Corporation for several years. His international staff performed round-the-clock security event monitoring and response. His responsibilities included: security patch remediation, vulnerability scans, and remediation, penetration testing, system configuration monitoring and remediation, maintaining the various Computer Incident Response Plans (CIRP), and an active threat portfolio for key business functions, users, application platforms and persistent vulnerabilities. With a career in over 20 plus years in IT, Mr. McCarthy has held a wide range of roles within IT including systems programming, IT consultant, technical management, and IT sales. He recently retired after 30 plus years as a Marine Corps reservist obtaining the rank of Lieutenant Colonel. His last reserve assignmen