Information Security Breaches

Information Security Breaches: Avoidance and Treatment based on ISO27001

Copyright Date: 2009
Published by: IT Governance Publishing
Pages: 56
    Book Description:

    If something happens, your company needs to be ready to take prompt and decisive action to resolve the issue. This book tells you the plans and procedures you need to put in place to tackle an information security breach should it occur. In particular, the book gives you clear guidance on how to treat an information security breach in accordance with ISO27001. If a breach occurs, the evidence needs to be secured professionally. You need to know the rules on evidence gathering, and you need to be capable of isolating the suspect laptops right from the start. If you want your company to respond rapidly to an information security breach, you need to make sure that the responsibilities and roles in your company are clearly defined.

    eISBN: 978-1-84928-028-0
    Subjects: Technology

Table of Contents

  1. Front Matter
    (pp. 1-4)
    (pp. 5-6)

    In 1992, a business acquaintance of mine introduced me to something he called ‘the ultimate book on information security’. It turned out to be a guide written by a retired NSA officer with a tendency to talk a little bit more than would probably have been allowed in the terms of the NDAs he had once signed. This, of course, was all the more appreciated by those listening to him. The book focused entirely on written information, and had originally been published in the late eighties or early nineties, a time when I started to use punch cards as notepaper...

    (pp. 7-7)
    (pp. 8-8)
    (pp. 8-8)
  6. Table of Contents
    (pp. 9-9)
    (pp. 10-11)

    Although breaches of information security are not a new phenomenon, the methods used to perpetrate such breaches have changed considerably over the years. Leaking information to non-authorised people has always been an issue but, in the computer age, the speed and effectiveness with which breaches of information security can occur, and the amount of harm potentially caused are disturbing. Typically, also, they favour the perpetrator, not the victim.

    Modern companies depend on their IT systems, and it is clear that special care needs to be taken to keep systems safe and secure. In this guide, we focus solely on the...

    (pp. 12-24)

    Defining what constitutes a breach of information is not easy. Does only criminal activity constitute a breach? Is it only the things we read and hear about in the media (such as the Army ‘losing’ data), or does everything that causes damage count as a breach? These are practical questions, even though they may sound strange at first.

    When establishing the roles, responsibilities, processes and technologies required in a company to assure information security, these questions can be answered with ease at the technical level. They start to become more complex once the differing views of affected departments come to...

    (pp. 25-40)

    The following is an outline of a treatment process. It assumes as a starting point that the company has just been made aware, by internal or external sources, that a breach exists.

    This comprises the steps below.

    • Assessing the immediate damage. Only material damage that has already happened is included.
    • Assessing the long-term damage impact. Questions to ask: does this incident have a long-term impact, can it recur and does it have a systemic impact?
    • Assessing the impact of the breach on business processes, your market situation, customer base, the public’s reaction if applicable, and customer contracts. When assessing long-term...

    (pp. 41-53)

    This chapter is intended for the curious reader who would like to know about other companies’ experiences with a serious incident, and the outcomes. Although ISO27001 stipulates that, to enable learning, companies should share information on such experiences, it is actually difficult for them to do so. Nobody likes to admit that they have had a serious problem. This is understandable as, nowadays, it is highly likely that customers, members of the public or even government officials will try to gain some windfall profit from such an incident through lawsuits, bad press or other action. In addition, of course, if...

    (pp. 54-56)