This document discusses information security incident management. It defines what constitutes an information security incident, such as unauthorized access or denial of service attacks. It also outlines the key aspects of an incident response program, including preparation, detection, response, and documentation. The document explains the roles of incident response coordinators, handlers, and teams. It also covers investigation practices, evidence handling, and federal and state data breach notification requirements.
Incident Response Methodology is one of the popular process to investigate the incident which is unlawful, unauthorized or unacceptable action on computer system or computer network.
National Cybersecurity - Roadmap and Action PlanDr David Probert
Analysis, strategies and practical action plans for National Government Cybersecurity based upon the United Nations - International Telecommunications Union - UN/ITU Cybersecurity Framework and their Global Cybersecurity Agenda - GCA.
Incident Response Methodology is one of the popular process to investigate the incident which is unlawful, unauthorized or unacceptable action on computer system or computer network.
National Cybersecurity - Roadmap and Action PlanDr David Probert
Analysis, strategies and practical action plans for National Government Cybersecurity based upon the United Nations - International Telecommunications Union - UN/ITU Cybersecurity Framework and their Global Cybersecurity Agenda - GCA.
Classify information and supporting assets (e.g., sensitivity, criticality), Determine and maintain ownership (e.g., data owners, system owners, business/mission
owners), Protect privacy, Ensure appropriate retention (e.g., media, hardware, personnel), Determine data security controls (e.g., data at rest, data in transit), Establish handling requirements (markings, labels, storage, destruction of sensitive
information)
** CyberSecurity Certification Training: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "Cybersecurity Frameworks" will help you understand why and how the organizations are using the cybersecurity framework to Identify, Protect and Recover from cyber attacks.
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
The cyber security profession has successfully established explicit guidance for practitioners to implement effective cyber security programs via the NIST Cyber Security Framework (CSF). The CSF provides both a roadmap and a measuring stick for effective cyber security. Application of the CSF within cyber is nothing new, but the resurgence of Enterprise Security Risk Management and Security Convergence highlight opportunities for expanded application for cyber, physical, and personnel security risks. This NIST CSF can help practitioners build a cross-pollenated understanding of holistic risk.
Main points covered:
• Understand the purpose, value, and application of the NIST CSF in familiar non-technical terms.
• Understand how the Functions and Categories of the NIST CSF (the CSF “Core”) and an organization's “current” and “target” profiles are relevant and valuable in a variety of sectors and environments.
• Understand how an organization’s physical and cyber security resources and stakeholders can align with the NIST CSF as a tool to achieve holistic security risk management.
Presenters:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Recorded webinar: https://youtu.be/hxpuYtMQgf0
Classify information and supporting assets (e.g., sensitivity, criticality), Determine and maintain ownership (e.g., data owners, system owners, business/mission
owners), Protect privacy, Ensure appropriate retention (e.g., media, hardware, personnel), Determine data security controls (e.g., data at rest, data in transit), Establish handling requirements (markings, labels, storage, destruction of sensitive
information)
** CyberSecurity Certification Training: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "Cybersecurity Frameworks" will help you understand why and how the organizations are using the cybersecurity framework to Identify, Protect and Recover from cyber attacks.
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
The cyber security profession has successfully established explicit guidance for practitioners to implement effective cyber security programs via the NIST Cyber Security Framework (CSF). The CSF provides both a roadmap and a measuring stick for effective cyber security. Application of the CSF within cyber is nothing new, but the resurgence of Enterprise Security Risk Management and Security Convergence highlight opportunities for expanded application for cyber, physical, and personnel security risks. This NIST CSF can help practitioners build a cross-pollenated understanding of holistic risk.
Main points covered:
• Understand the purpose, value, and application of the NIST CSF in familiar non-technical terms.
• Understand how the Functions and Categories of the NIST CSF (the CSF “Core”) and an organization's “current” and “target” profiles are relevant and valuable in a variety of sectors and environments.
• Understand how an organization’s physical and cyber security resources and stakeholders can align with the NIST CSF as a tool to achieve holistic security risk management.
Presenters:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Recorded webinar: https://youtu.be/hxpuYtMQgf0
Cyber security lecture for University students, following and expanding on previously delivered presentation on Enterprise Security Incident Management. More in-depth, with the Security Incident lifecycle focus
How to Build and Implement your Company's Information Security ProgramFinancial Poise
Data is one of your business’s most valuable assets and requires protection like any other asset. How can you protect your data from unauthorized access or inadvertent disclosure?
An information security program is designed to protect the confidentiality, integrity, and availability of your company’s data and information technology assets. Federal, state, or international law may also require your business to have an information security program in place.
This webinar will provide the basics of how to create and implement an information security program, beginning with identifying your incident response team, putting applicable insurance policies into place, and closing any gaps in the security of your data.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/how-to-build-and-implement-your-companys-information-security-program-2021/
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2TechSoup Canada
Part 1 of this webinar series provided an overview of cybersecurity and explained the cyber risks and legislation affecting nonprofits. In part 2 of the series, Imran Ahmad of Miller Thomson, LLP returns to answer your questions on cybersecurity and to delve deeper into cybersecurity maintenance and best practices to avoid data breaches. This includes the implementation of measures to prevent data breaches in the pre-attack phase, to the implementation of security best practices in the event of a cyber attack or breach.
What you will learn:
· How to develop key cybersecurity-related documents;
· How to maintain an internal matrix of when to notify affected individuals;
· How to review contracts from a cybersecurity compliance perspective.
Do you have an incident response plan to cover disasters, cyber-attacks, and other threats to your organization? How confident are you that it will work in a real-world situation? While simply having a plan will help you check the box on the audit, it doesn't guarantee effectiveness in a real situation. Assessing your incident response plans through fire drills, desk top exercises, functional scenarios, and full scale exercises will help your organization truly validate the effectiveness of the plan.
IR assessments are meant to:
- Evaluate plans, policies, and procedures
- Find weaknesses in the plan and gaps in resources
- Improve coordination and communication internally and externally
- Define and validate roles and responsibilities
- Train personnel in their roles and responsibilities
This webinar will provide practical steps for assessing your organization's plans and demonstrate ways to improve them through a methodical and proven approach. After all, whether they're big or small, internal or external, in most any organization incidents occur. Complete plans that have been tested, backed by trained resources and thorough communication, are the proven recipe to minimize the impact of incidents when they occur.
Our featured speakers for this webinar will be:
- Ted Julian, Chief Marketing Officer, Co3 Systems
- Richard White, Security Intelligence and Operations Principal, HP Enterprise Security Products
ABC Healthcare Limited
Incidence Response Policy
1. Purpose. The purpose of this directive is to establish security policy and procedures for implementing the Incidence response policy at ABC Healthcare.
2. Scope. The provisions of this policy apply to all ABC healthcare employees, contractors, and others, who process, store, transmit, or have access to any ABC healthcare information. This policy shall be applied to all ABC healthcare information system resources, at all levels of sensitivity, whether owned and operated by ABC healthcare or operated on behalf of the ABC healthcare. Nothing in this policy shall be construed to restrict the independence of the Office of the Inspector General in the performance of its duties as prescribed by the Inspector General Act of 1978, as amended.
3. Authority. This policy is issued pursuant to US-CERT Federal Incident Reporting Guidelines, NIST Special Publication 800-61, and OMB Memorandum M-07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information.
4. Definitions. Information Systems. Any telecommunications and/or computer-related equipment or interconnected system or subsystems of equipment that is used in the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of voice and/or data (digital or analog); includes software, firmware, and hardware. Computer Information Security Incident. An act or circumstance in which there is a deviation from the requirements of the governing security regulations. Compromise, inadvertent disclosure, need-to-know violation, and administrative deviation are examples of security incidents, including any unauthorized activity that threatens the confidentiality, integrity or availability of ABC healthcare information system resources. Breach. The loss of control, compromise, unauthorized disclosure, unauthorized acquisition, unauthorized access, or any similar term referring to situations where persons other than authorized users, and for an other than authorized purpose, have access or potential access to personally identifiable information, whether physical or electronic. Personally identifiable information (PII). Any piece of information which can potentially be used to uniquely identify, contact, or locate a single person. For example, PII could be an individual’s Social Security number; name or address in conjunction with one or more of the following: date of birth; Social Security number, driver’s license number or state identification; foreign country equivalent to Social Security number, tax identification number or equivalent; financial account number; and credit or debit card number. Agency Response Team (ART). At a minimum, an ad hoc ART assembled to address a breach incident consists of the Program Manager of the program experiencing the breach, the Chief Information Officer, the Senior Agency Security Officer, the Senior Agency Official for Privacy,.
This presentation will have been presenting you about my resume assignment one of book, The Complete Guide to Cybersecurity Risks and Controls. I've tried my best to create this presentation. Thank you
Operationalizing Management of Data Incidents Post Final RuleID Experts
Sophia Collaros, JD, MA, CIPP/US, privacy officer for the University of New Mexico (UNM) Health System and Health Sciences Center, share its transition from manual incident management to an automated system and how this transformed its processes. She'll discuss the organization's culture of privacy compliance, internal and third-party controls, and best practices for meeting data breach regulatory obligations. In addition, Sophia provides lessons learned from UNM's incident management process and tools, including the use of ID Experts RADAR™, providing guidance as to how health care organizations can protect their patients, ensure the integrity of an organization's reputation and comply with federal and state breach notification laws.
To view the Webinar Recording, click here: https://www2.idexpertscorp.com/resources/single/operationalizing-management-of-data-incidents-post-final-rule/r-general
CCPA Compliance from Ground Zero: Start to Finish with TrustArc SolutionsTrustArc
CCPA is in full effect and - as of July 1, 2020 - is being fully enforced. The “wait and see” game is officially over and organizations must be fully compliant in order to avoid regulatory fines and negative publicity. There are many requirements set forth by the CCPA, and building a strong compliance plan can be daunting. Not only does the compliance plan need to be set-up for future growth and changes, but it also needs the flexibility to produce on-demand, customized reports to provide to stakeholders.
TrustArc has helped organizations of all sizes and maturity with CCPA compliance from simple assessments to full automation. Investing time upfront to perform the proper analysis and planning is key to feeling confident that your CCPA compliance program will efficiently and effectively mitigate risk while meeting business objectives.
Join this webinar to see how TrustArc CCPA solutions help organizations of all sizes and maturity achieve and maintain compliance.
This webinar will review:
-Stages of CCPA program maturity
-TrustArc CCPA solutions for every stage of compliance
Microsoft Navigating Incident Response [EN].pdfSnarky Security
The document titled "Navigating the Maze of Incident Response" by Microsoft Security provides a guide on how to structure an incident response (IR) effectively. It emphasizes the importance of people and processes in responding to a cybersecurity incident.
This guide, developed by the Microsoft Incident Response team, is designed to help you avoid common pitfalls during the outset of a response. It's not meant to replace comprehensive incident response planning, but rather to serve as a tactical guide to help both security teams and senior stakeholders navigate an incident response investigation.
The guide also outlines the incident response lifecycle, which includes preparation, detection, containment, eradication, recovery, and post-incident activity or lessons learned. It's like a recipe for disaster management, with each step as crucial as the next.
The guide also emphasizes the importance of governance and the roles of different stakeholders in the incident response process. It's like a well-oiled machine, with each part playing a crucial role in the overall function.
So, there you have it. A snarky Microsoft's guide to navigating the maze of incident response. It's a wild, complex, and often frustrating world, but with the right plan and people, you can navigate it like a pro.
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
In this joint presentation for the ISSA-LA Summit X in Los Angeles, Jennifer Rathburn, a cybersecurity and data privacy law expert at Foley & Lardner LLP and William Dixon, Associate Managing Director in Kroll's Cyber Risk practice, highlight three incident response scenarios and tips on breach preparation and response.
To learn more, contact Jennifer or William at:
Jennifer Rathburn, Foley & Lardner LLP
jrathburn@foley.com; 414-297-5864
William Dixon, Kroll, a Division of Duff & Phelps
william.dixon@kroll.com; 213-247-3973
This presentation is prepared by Author for Perbanas Institute as a part of Author Lecture Series. It is to be used for educational and non-commercial purposes only and is not to be changed, altered, or used for any commercial endeavor without the express written permission from Author and/or Perbanas Institute. Appropriate legal action may be taken against any person, organization, or entity attempting to misrepresent, charge, or profit from the educational materials contained here.
Authors are allowed to use their own articles without seeking permission from any person, organization, or entity.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
2. Copyright 2014 Pearson Education, Inc. 2
Objectives
❑ Prepare for an information security incident
❑ Identify an information security incident
❑ Recognize the stages in incident management
❑ Properly document an information security incident
❑ Understand federal and state data breach notification
requirements
❑ Consider an incident from the perspective of the victim
❑ Create policies related to information security incident
management
3. Organizational Incident Response
■ Incidents drain resources and can be expensive
■ The right time to develop an Incident Response plan
is before an incident occurs
■ Incident preparedness includes having policies,
strategies, plans, and procedures
Copyright 2014 Pearson Education, Inc. 3
4. What Is an Incident?
■ Information security incident is an adverse
event that threatens business security and/or
disrupts service
■ Every organization should be familiar with
and prepared to respond to the following core
group of attacks
❑ Intentional unauthorized access or use
■ Occurs when an insider or an intruder gains logical or
physical access without permission
Copyright 2014 Pearson Education, Inc. 4
5. What Is an Incident? Cont.
❑ Denial of service (DoS) attacks
■ Prevents or impairs the normal authorized functionality
of the organization’s networks, systems, or applications
❑ Malware
■ Code that is covertly inserted into another program with
the intent of gaining authorized access or causing harm
❑ Inappropriate usage
■ Occurs when authorized user performs actions that
violate company policy, agreement, law, or regulation
Copyright 2014 Pearson Education, Inc. 5
6. Incident Severity Levels
■ Three severity levels
❑ Level 1
■ Incidents that could cause significant harm
❑ Level 2
■ Compromise of or unauthorized access to noncritical
systems or information
❑ Level 3
■ Situations that can be contained and resolved by the
information system custodian, data/process owner, or
HR personnel
Copyright 2014 Pearson Education, Inc. 6
7. How Are Incidents Reported?
■ Employees should be required to report all
actual and suspected incidents
■ The employee who discovers an incident may
not be trained or an IT technician
■ The culture of the company needs to
incorporate this point so that employees don’t
feel like they may be ridiculed if they are
wrong
Copyright 2014 Pearson Education, Inc. 7
8. What Is an Incident Response
Program
■ Composed of policies, plans, procedures,
and people
■ An incident response plan (IRP) is a roadmap
of reporting, responding, and recovery
actions
■ Incident response procedures are detailed
steps needed to implement the plan
Copyright 2014 Pearson Education, Inc. 8
9. What Is an Incident Response
Program Cont.
■ Activities in the IRP
❑ Preparation
❑ Detection and investigation
❑ Initial response
❑ Containment
❑ Eradication and recovery
❑ Notification
❑ Closure and post-incident activity
❑ Documentation and evidence-handling
requirements
Copyright 2014 Pearson Education, Inc. 9
10. Key Incident Management
Personnel
■ Incident response coordinator (IRC)
❑ Central point of contact for all incidents
❑ Verifies and logs the incident
■ Designated incident handlers (DIHs)
❑ Senior-level personnel who have crisis
management and communication skills,
experience, and knowledge to handle an incident
■ Incident response team (IRT)
❑ Trained team of professionals that provide
services through the incident lifecycle
Copyright 2014 Pearson Education, Inc. 10
11. Investigation and Evidence
Handling
■ Incidents should be thoroughly documented
■ Depending on the incident it may be
necessary to contact local, state, or federal
law enforcement
❑ The IRT team should be acquainted with
applicable law enforcement representatives
■ Incident handlers that perform forensic
analysis should be familiar with forensic
principles, guidelines, procedures, tools, and
techniques
Copyright 2014 Pearson Education, Inc. 11
12. Investigation and Evidence
Handling cont.
■ The process of digital forensic includes
❑ Collection
❑ Examination
❑ Analysis
❑ Reporting
■ Chain of custody applies to physical, digital, and
forensic evidence
❑ It is used to prove that evidence has not been altered
■ Evidence should be stored in a secure location
Copyright 2014 Pearson Education, Inc. 12
13. Data Breach Notification
Requirements
■ Federal requirements that address the
protection of personally identifiable
information (PII)
❑ Gramm-Leach- Bliley Act (GLBA)
❑ Health Information Technology for Economic and
Clinical Data Act (HITECH)
❑ The Federal Information Security Management
Act (FISMA)
❑ Federal Education Rights and Privacy Act
(FERPA)
Copyright 2014 Pearson Education, Inc. 13
14. State Breach Notification Laws
■ 46 states, the District of Columbia, Puerto
Rico, and the Virgin Islands have enacted
notification laws designed to protect their
residents
■ States with no security breach laws include
❑ Alabama
❑ Kentucky
❑ New Mexico
❑ South Dakota
Copyright 2014 Pearson Education, Inc. 14
15. Copyright 2014 Pearson Education, Inc. 15
Summary
■ An information security incident threatens business
security and disrupts operations. Examples of incidents
include unauthorized access, DoS attacks, malware, and
inappropriate usage.
■ Companies should have an incident response plan that
details how incidents should be handled and the roles
and responsibilities of key personnel
■ In most situations data breaches of PII should be
reported to the appropriate authority and affected parties
notified