Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents

Eric C. Thompson

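  • Publisher: Apress
  • Publication date: 2018-09-21
  • Price: $2,350
  • VIP price: $2,233 (95% of list price)
  • Language: English
  • Pages: 192
  • Binding: Paperback
  • ISBN: 1484238699
  • ISBN-13: 9781484238691
  • Related category: Information security
  • Overseas purchase-on-behalf title (must be checked out separately)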

Product description

Create, maintain, and manage a continual cybersecurity incident response program using the practical steps presented in this book. Don't allow your cybersecurity incident responses (IR) to fall short of the mark due to lack of planning, preparation, leadership, and management support.

Surviving an incident, or a breach, requires the best response possible. This book provides practical guidance for containing, eradicating, and recovering from cybersecurity events and incidents.

The book takes the approach that incident response should be a continual program. Leaders must understand the organizational environment, the strengths and weaknesses of the program and team, and how to strategically respond. Successful behaviors and actions required for each phase of incident response are explored in the book. Straight from NIST 800-61, these actions include:

  • Planning and practicing
  • Detection
  • Containment
  • Eradication
  • Post-incident actions

What You’ll Learn

  • Know the sub-categories of the NIST Cybersecurity Framework
  • Understand the components of incident response
  • Go beyond the incident response plan
  • Turn the plan into a program that needs vision, leadership, and culture to make it successful
  • Be effective in your role on the incident response team

Who This Book Is For

Cybersecurity leaders, executives, consultants, and entry-level professionals responsible for executing the incident response plan when something goes wrong.
