Unlike many books about computers, this one deserves to be read cover-to-cover. The authors have points to make, and they generally build on their earlier thoughts as they go. Some material in these pages seems somewhat obvious--the advice to dress nicely for a media interview, for example--but it all fits with the authors' goal of showing their readers how to react (in all respects) to security problems when they happen. Read this, be prepared for trouble, and know how to educate others about incident response. --David Wall
Topics covered: how an organisation should react--organisationally, technically, legally and in terms of public relations--to incidents of unauthorised access (originating both internally and externally) to its computer systems.
The increasing complexity and diversity of systems, applications, and networks has made them more difficult to defend. As companies continue to experience losses due to security breaches, security professionals must take a new approach in protecting their assets. By using monitoring and detection measures with prompt intervention, you can reduce the magnitude of incidents. This book gives you the information you need to develop an effective incident response strategy. Providing specific security plans from internationally recognized experts on the topic, illustrated through case studies showing real-world application, Incident Response provides comprehensive coverage of all phases of incident response, from pre-incident conditions and considerations to post-incident analysis. Dr. E. Eugene Schultz and Russell Shumway (along wiht a contribution by Dr. Terry Gudaitis) teach you security principles that help you minimize information loss and system disruption.