COVID-19 Update: We are currently shipping orders daily. However, due to transit disruptions in some geographies, deliveries may be delayed. To provide all customers with timely access to content, we are offering 50% off Science and Technology Print & eBook bundle options. Terms & conditions.
Data Breach Preparation and Response - 1st Edition - ISBN: 9780128034514, 9780128034507

Data Breach Preparation and Response

1st Edition

Breaches are Certain, Impact is Not

5.0 star rating 1 Review
Author: Kevvie Fowler
Paperback ISBN: 9780128034514
eBook ISBN: 9780128034507
Imprint: Syngress
Published Date: 8th June 2016
Page Count: 254
Sales tax will be calculated at check-out Price includes VAT/GST
Price includes VAT/GST

Institutional Subscription

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.


Data Breach Preparation and Response: Breaches are Certain, Impact is Not is the first book to provide 360 degree visibility and guidance on how to proactively prepare for and manage a data breach and limit impact. Data breaches are inevitable incidents that can disrupt business operations and carry severe reputational and financial impact, making them one of the largest risks facing organizations today. The effects of a breach can be felt across multiple departments within an organization, who will each play a role in effectively managing the breach. Kevvie Fowler has assembled a team of leading forensics, security, privacy, legal, public relations and cyber insurance experts to create the definitive breach management reference for the whole organization.

Key Features

  • Discusses the cyber criminals behind data breaches and the underground dark web forums they use to trade and sell stolen data
  • Features never-before published techniques to qualify and discount a suspected breach or to verify and precisely scope a confirmed breach
  • Helps identify your sensitive data, and the commonly overlooked data sets that, if stolen, can result in a material breach
  • Defines breach response plan requirements and describes how to develop a plan tailored for effectiveness within your organization
  • Explains strategies for proactively self-detecting a breach and simplifying a response
  • Covers critical first-responder steps and breach management practices, including containing a breach and getting the scope right, the first time
  • Shows how to leverage threat intelligence to improve breach response and management effectiveness
  • Offers guidance on how to manage internal and external breach communications, restore trust, and resume business operations after a breach, including the critical steps after the breach to reduce breach-related litigation and regulatory fines
  • Illustrates how to define your cyber-defensible position to improve data protection and demonstrate proper due diligence practices


Information Security professionals of all levels, digital forensic examiners and investigators, InfoSec consultants, attorneys, law enforcement officers. Also privacy and loss prevention experts, business managers and executives, PR managers and sysadmins

Table of Contents

  • About the Author
  • About the Contributors
  • Acknowledgments
  • Chapter 1: An Overview of Data Breaches
    • Abstract
    • Introduction
    • What Is a Data Breach?
    • Lifecycle of a Breach
    • Sources of Data Breaches
    • Impact of a Data Breach
    • Historical Challenges With Breach Management
    • Summary
  • Chapter 2: Preparing to Develop a Computer Security Incident Response Plan
    • Abstract
    • Introduction
    • CSIR Plan Planning
    • Summary
  • Chapter 3: Developing a Computer Security Incident Response Plan
    • Abstract
    • Introduction
    • Developing the Data Breach Response Policy
    • CSIR Plan Validation and Testing
    • Summary
  • Chapter 4: Qualifying and Investigating a Breach
    • Abstract
    • Introduction
    • Invoking the CSIR Team
    • Critical First Responder Steps
    • Engaging and Managing Third Parties
    • Investigating the Suspected Breach
    • Confirming or Denying a Suspected Breach
    • Conclusion
  • Chapter 5: Containing a Breach
    • Abstract
    • Introduction
    • Breach Containment
    • Removing Posted Information From the Internet
    • Containing Compromised Systems
    • Summary
  • Chapter 6: Precisely Determining the Scope of a Breach
    • Introduction
    • Database Forensics Overview
    • Using Database Forensics in an Investigation
    • Database Forensic Tools
    • Connecting to the Database
    • Database Artifacts
    • Analyzing Database Artifacts
    • What Are You Trying to Accomplish With Your Investigation?
    • Summary
  • Chapter 7: Communicating Before, During and After a Breach
    • Abstract
    • Introduction: The Concept of Cyber Resilience
    • Before a Crisis
    • During a Crisis
    • After a Crisis
  • Chapter 8: Restoring Trust and Business Services After a Breach
    • Abstract
    • Introduction
    • The Difference Between Containment and Recovery
    • Recovering Your Environment
    • Certifying Your Environment
    • Restoring Business Services
    • Conducting a Breach Postmortem Review
    • Improving Cyber Security After a Breach
    • Creating a Cyber Defensible Position
    • Summary
  • Chapter 9: Preparing for Breach Litigation
    • Abstract
    • Introduction
    • Breach Litigation
    • From Claim to Settlement
    • The Volume of Breach Lawsuits
    • Preparing for Breach Litigation
    • Breaches and the Board
    • Summary
  • Appendix
  • Index


No. of pages:
© Syngress 2016
8th June 2016
Paperback ISBN:
eBook ISBN:

About the Author

Kevvie Fowler

Kevvie is a Partner and National Cyber Response Leader for KPMG Canada and has over 19 years of IT security and forensics experience. Kevvie assists clients in identifying and protecting critical data and proactively preparing for, responding to and recovering from incidents in a manner that minimizes impact and interruption to their business.

Kevvie is a globally recognized cyber security and forensics expert who in addition to author of Data Breach Preparation and Response is author of SQL Server Forensic Analysis and contributing author to several security and forensics books. He is an instructor who trains law enforcement agencies on cyber forensic and response practices. His cyber forensics research has been incorporated into formal course curriculum within industry and academic institutions including ISC2 and the University of Abertay Dundee. Credited with advancing the field of digital forensic science, Kevvie is a SANS lethal forensicator and sits on the SANS Advisory Board where he guides the direction of emerging security and forensics research.

As a sought after speaker, Kevvie has engaged executive and technical audiences at leading conferences and events including Black Hat, SECTOR, OWASP and the HTCIA and is a resource to the media with features on-air and in print within leading television, news and industry publications including The Business News Network, The Globe and Mail and Information Security and SC magazine.

Affiliations and Expertise

Partner and National Cyber Response Leader for KPMG Canada, GCFA Gold, CISSP


"The topic is covered beautifully and thoroughly, and approached from many different angles…Rare are the authors that know how to explain complex topics in a simple manner and know how to avoid boring the reader, but these authors belong to that category." --Help Net Security

"This book provides a thorough grounding in all the aspects of preparing for, dealing with and mopping up after a data breach and is likely to present issues you hadn’t considered." --Network Security

Ratings and Reviews