Description

Why do some organizations emerge from a data breach unscathed, while others are badly damaged, or even collapse? How can you make smart choices to protect your organization before and after a data breach? This book exposes the high-octane world of data breach disclosure and response, where IT help desk staff have the power to save or destroy a company, and cutting-edge attorneys must often parachute in to save the day. You’ll watch as one of the world’s most experienced cybersecurity professionals dissects high-profile data breaches, reveals what happened, and reveals exactly what you can do to navigate a massive data breach -- quickly mitigating damage to your digital assets, finances, and organizational reputation.

Sherri Davidoff teaches through storytelling, making this book powerfully accessible and practically useful to everyone from the boardroom to the server closet. Along the way, she reveals what the press didn’t cover about attacks on ChoicePoint, TJ Maxx, Heartland, Target, Anthem, and many other leading organizations -- and presenting specific lessons you can start applying right now, regardless of your technical or business infrastructure.

Drawing on her immense personal experience with digital forensics, incident response, security awareness training, penetration testing, and web security assessment -- and her work teaching in venues from Black Hat to the Department of Defense -- Davidoff introduces today’s most comprehensive and practical framework for data breach response. You’ll discover:

• Critical turning points throughout data breach events, and how to respond to each of them
• How breach response lifecycles are changing: why classic incident response approaches are no longer sufficient, and what to do instead
• How internal politics can affect data breach response, and what to do about it
• How to read between the lines of public statements and notifications (or lack thereof)
• What you need to know about breaches in retail and other specific industries -- and the limitations of standards such as PCI/DSS
• How to protect against and recover from ransomware
• How to assess products and services such as Commercial Off-The-Shelf Breach Response, cybersecurity insurance, and crisis management services
• What you can do right now to make breach response less traumatic

• An insider’s guide offering a new, systematic, and practical framework for data breach response: finally, an accessible, comprehensive playbook for what to do when
• Built around in-depth and highly-specific case studies: what really happened at ChoicePoint, TJ Maxx, Heartland, Target, Anthem, Sony, Children's Hospital Boston, and more
• Identifies critical decision points in high-profile data breaches, and explores the risks and benefits of the choices that were made at the time
• Written by the hacker featured in the bestseller 'Breaking and Entering: The Extraordinary Story of a Hacker Called "Alien"

• An insider’s guide offering a new, systematic, and practical framework for data breach response: finally, an accessible, comprehensive playbook for what to do when
• Built around in-depth and highly-specific case studies: what really happened at ChoicePoint, TJ Maxx, Heartland, Target, Anthem, Sony, Children's Hospital Boston, and more
• Identifies critical decision points in high-profile data breaches, and explores the risks and benefits of the choices that were made at the time

Back Cover

Why do some organizations emerge from a data breach unscathed, while others are badly damaged, or even collapse? How can you make smart choices to protect your organization before and after a data breach? This book exposes the high-octane world of data breach disclosure and response, where IT help desk staff have the power to save or destroy a company, and cutting-edge attorneys must often parachute in to save the day. You’ll watch as one of the world’s most experienced cybersecurity professionals dissects high-profile data breaches, reveals what happened, and reveals exactly what you can do to navigate a massive data breach -- quickly mitigating damage to your digital assets, finances, and organizational reputation.

Sherri Davidoff teaches through storytelling, making this book powerfully accessible and practically useful to everyone from the boardroom to the server closet. Along the way, she reveals what the press didn’t cover about attacks on ChoicePoint, TJ Maxx, Heartland, Target, Anthem, and many other leading organizations -- and presenting specific lessons you can start applying right now, regardless of your technical or business infrastructure.

Drawing on her immense personal experience with digital forensics, incident response, security awareness training, penetration testing, and web security assessment -- and her work teaching in venues from Black Hat to the Department of Defense -- Davidoff introduces today’s most comprehensive and practical framework for data breach response. You’ll discover:

• Critical turning points throughout data breach events, and how to respond to each of them
• How breach response lifecycles are changing: why classic incident response approaches are no longer sufficient, and what to do instead
• How internal politics can affect data breach response, and what to do about it
• How to read between the lines of public statements and notifications (or lack thereof)
• What you need to know about breaches in retail and other specific industries -- and the limitations of standards such as PCI/DSS
• How to protect against and recover from ransomware
• How to assess products and services such as Commercial Off-The-Shelf Breach Response, cybersecurity insurance, and crisis management services
• What you can do right now to make breach response less traumatic

• An insider’s guide offering a new, systematic, and practical framework for data breach response: finally, an accessible, comprehensive playbook for what to do when
• Built around in-depth and highly-specific case studies: what really happened at ChoicePoint, TJ Maxx, Heartland, Target, Anthem, Sony, Children's Hospital Boston, and more
• Identifies critical decision points in high-profile data breaches, and explores the risks and benefits of the choices that were made at the time
• Written by the hacker featured in the bestseller 'Breaking and Entering: The Extraordinary Story of a Hacker Called "Alien"

• An insider’s guide offering a new, systematic, and practical framework for data breach response: finally, an accessible, comprehensive playbook for what to do when
• Built around in-depth and highly-specific case studies: what really happened at ChoicePoint, TJ Maxx, Heartland, Target, Anthem, Sony, Children's Hospital Boston, and more
• Identifies critical decision points in high-profile data breaches, and explores the risks and benefits of the choices that were made at the time

Author

Sherri Davidoff is a cybersecurity expert, author, speaker, and CEO of both LMG Security and BrightWise, Inc. She is a recognized expert in digital forensics and cybersecurity, and is coauthor of Network Forensics: Tracking Hackers Through Cyberspace (Prentice Hall, 2012). Sherri has consulted and/or conducted cybersecurity training for many distinguished organizations, including the Department of Defense, the American Bar Association, FFIEC/FDIC, and many more. She is a faculty member at the Pacific Coast Banking School, and is a frequent contributor of education articles and webinars. She is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds a degree in computer science and electrical engineering from MIT.