Published by Addison-Wesley Professional (November 28, 2019) © 2020

Sherri Davidoff
    VitalSource eTextbook (Lifetime access)
    €34,99
    Adding to cart… The item has been added
    ISBN-13: 9780134507729

    Data Breaches: Crisis and Opportunity ,1st edition

    Language: English

    Protect Your Organization Against Massive Data Breaches and Their Consequences

    Data breaches can be catastrophic, but they remain mysterious because victims don’t want to talk about them. In Data Breaches, world-renowned cybersecurity expert Sherri Davidoff shines a light on these events, offering practical guidance for reducing risk and mitigating consequences. Reflecting extensive personal experience and lessons from the world’s most damaging breaches, Davidoff identifies proven tactics for reducing damage caused by breaches and avoiding common mistakes that cause them to spiral out of control.

    You’ll learn how to manage data breaches as the true crises they are; minimize reputational damage and legal exposure; address unique challenges associated with health and payment card data; respond to hacktivism, ransomware, and cyber extortion; and prepare for the emerging battlefront of cloud-based breaches.
    • Understand what you need to know about data breaches, the dark web, and markets for stolen data
    • Limit damage by going beyond conventional incident response
    • Navigate high-risk payment card breaches in the context of PCI DSS
    • Assess and mitigate data breach risks associated with vendors and third-party suppliers
    • Manage compliance requirements associated with healthcare and HIPAA
    • Quickly respond to ransomware and data exposure cases
    • Make better decisions about cyber insurance and maximize the value of your policy
    • Reduce cloud risks and properly prepare for cloud-based data breaches   
    Data Breaches is indispensable for everyone involved in breach avoidance or response: executives, managers, IT staff, consultants, investigators, students, and more. Read it before a breach happens!

    Register your book for convenient access to downloads, updates, and/or corrections as they become available. See inside book for details.
    Preface xvii
    Acknowledgments xxiii
    About the Author xxv


    Chapter 1: Dark Matters 1
    1.1 Dark Breaches 3
    1.2 Skewed Statistics 13
    1.3 Why Report? 18
    1.4 What’s Left Unsaid 20

    Chapter 2: Hazardous Material 23
    2.1 Data Is the New Oil 30
    2.2 The Five Data Breach Risk Factors 33
    2.3 The Demand for Data 34
    2.4 Anonymization and Renonymization 41
    2.5 Follow the Data 44
    2.6 Reducing Risk 51
    2.7 Conclusion 54

    Chapter 3: Crisis Management 55
    3.1 Crisis and Opportunity 57
    3.2 Crisis Communications, or Communications Crisis? 60
    3.3 Equifax 70
    3.4 Conclusion 75

    Chapter 4: Managing DRAMA 77
    4.1 The Birth of Data Breaches 79
    4.2 A Smoldering Crisis 81
    4.3 Prodromal Phase 85
    4.4 Acute Phase 94
    4.5 Reducing Harm 98
    4.6 Chronic Phase 108
    4.7 Resolution Phase 111
    4.8 Before a Breach 114
    4.9 Conclusion 117

    Chapter 5: Stolen Data 119
    5.1 Leveraging Breached Data 121
    5.2 Fraud 121
    5.3 Sale 123
    5.4 The Goods 135
    5.5 Conclusion 141

    Chapter 6: Payment Card Breaches 143
    6.1 The Greatest Payment Card Scam of All 144
    6.2 Impact of a Breach 146
    6.3 Placing Blame 150
    6.4 Self-Regulation 153
    6.5 TJX Breach 160
    6.6 The Heartland Breach 167
    6.7 PCI and Data Breach Investigations 171
    6.8 Conclusion 174

    Chapter 7: Retailgeddon 177
    7.1 Accident Analysis 179
    7.2 An Ounce of Prevention 191
    7.3 Target’s Response 199
    7.4 Ripple Effects 223
    7.5 Chip and Scam 227
    7.6 Legislation and Standards 236
    7.7 Conclusion 237

    Chapter 8: Supply Chain Risks 239
    8.1 Service Provider Access 242
    8.2 Technology Supply-Chain Risks 245
    8.3 Cyber Arsenals 252
    8.4 Conclusion 254

    Chapter 9: Health Data Breaches 257
    9.1 The Public vs. the Patient 258
    9.2 Bulls-Eye on Healthcare 260
    9.3 HIPAA: Momentous and Flawed 263
    9.4 Escape from HIPAA 274
    9.5 Health Breach Epidemic 279
    9.6 After a Breach 295
    9.7 Conclusion 300

    Chapter 10: Exposure and Weaponization 303
    10.1 Exposure Breaches 305
    10.2 Response 310
    10.3 MegaLeaks 323
    10.4 Conclusion 336

    Chapter 11: Extortion 337
    11.1 Epidemic 339
    11.2 Denial Extortion 340
    11.3 Exposure Extortion 348
    11.4 Faux Extortion 356
    11.5 Conclusion 357

    Chapter 12: Cyber Insurance 359
    12.1 Growth of Cyber Insurance 361
    12.2 Industry Challenges 361
    12.3 Types of Coverage 362
    12.4 Commercial Off-the-Shelf Breach Response 364
    12.5 How to Pick the Right Cyber Insurance 367
    12.6 Leverage Your Cyber Insurance 386
    12.7 Conclusion 388

    Chapter 13: Cloud Breaches 389
    13.1 Risks of the Cloud 393
    13.2 Visibility 400
    13.3 Intercepted 409
    13.4 Conclusion 413

    Afterword 415

    Index 417