Managing Catastrophic Loss of Sensitive Data: A Guide for IT and Security Professionals (Paperback)

by Constantine Photopoulos (Author)

Editorial Reviews
Book Description
With one significant data loss event reported every two days, this is the first book to specifically address the consequences of and steps for recovery from a catastrophic loss of sensitive data.

Product Description
Offering a structured approach to handling and recovering from a catastrophic data loss, this book will help both technical and non-technical professionals put effective processes in place to secure their business-critical information and provide a roadmap of the appropriate recovery and notification steps when calamity strikes.

* Addresses a very topical subject of great concern to security, general IT and business management
* Provides a step-by-step approach to managing the consequences of and recovering from the loss of sensitive data
* Gathers in a single place all information about this critical issue, including legal, public relations and regulatory issues

Constantine Photopoulos' latest blog posts
       
 
Constantine Photopoulos sent the following post to customers who purchased Managing Catastrophic Loss of Sensitive Data: A Guide for IT and Security Professionals
 
11:23 AM PDT, April 7, 2008, updated at 10:19 AM PDT, April 8, 2008
 
As the author of the book, I would like to expand on the publisher’s description in order to provide a more comprehensive overview for potential readers and others interested in this topic.

The issue of sensitive data loss is a significant concern, since organizations that are victims of a breach can suffer reputational damage, loss of customer confidence, legal and regulatory scrutiny, and the direct costs of incident management and customer notification.  For individuals, a breach of personal information that leads to identity theft or fraud can be devastating.

The book presents step-by-step processes and procedures to help organizations handle and recover from a catastrophic data loss, whether it involves customer or employee Personally Identifiable Information (PII) or proprietary organizational data.  It is organized into chapters covering the various aspects of data breach management, from preparation through response and closure, as follows:

Data Classification:  This is the process through which an organization categorizes its information assets and defines their sensitivity and confidentiality in order to identify appropriate levels of protection.  This chapter covers common classification levels, data ownership and usage, and the various phases of a data classification project.

Controls and Safeguards:  This chapter covers the data security program, information security controls, and the procedural and technical safeguards for various possible sources of data leakage.

Data Security Policy:  A data security policy outlines the essential requirements for protecting information assets.  This chapter covers the policy development, contents, implementation and update, and auditing and metrics to measure the success of the policy.

Response Program:  This chapter will cover the response program to engage in advance planning for the possibility of a breach, the implementation of a data breach response team, and the development of a response plan.

Detection and Reporting:  This initial phase of the incident life cycle includes the detection of an incident and its reporting to the appropriate parties.  This chapter covers detection sources and processes and the required reporting mechanism to the response team.

Evaluation and Response:  Breach evaluation is the process of analyzing the incident data, team escalation, incident classification and scope, and severity assessment.  The response includes the technical and procedural measures to limit the scope of the incident and to return the organization to a secure status.  This includes containment, recovery, documentation, and forensics.

Disclosure and Notification:  Timely notification of victims of a data breach is important to comply with legal requirements, manage an organization’s reputational and legal risk, and enable victims to take protective measures.  This chapter covers the notification threshold, timing, scope, contents of the notice, other necessary notifications, legal issues and requirements, and follow-up support.

Closure:  This chapter covers lessons learned, incident impact and costs, root cause analysis and corrective action plans, internal and external follow-ups, and incident closure.

Relevant Legislation:  This appendix reviews current legislation and regulations that address data breaches.

If you want more information about the book or if you have any other questions, you can contact me at cp@soxgroup.com.  If you are currently involved in an organizational initiative around sensitive data classification and management, or if you would like to provide updates and new developments in the field for this blog, please let me know.
 