A recently released book from the Information Systems Audit and Control Association (ISACA) offers guidance on how to avoid, prepare for and recover from cyber attacks.
Cybercrime: Incident Response and Digital Forensics provides details on developing and implementing an incident response plan, basic elements for a successful digital forensics investigation, and how global regulations are addressing cybercrime risks.
The book also lists questions board members must ask about cyber attacks, including:
• What is the amount of risk acceptable to the organization?
• Have sufficient resources been allocated to address preparation for and response to cyberattacks?
• How quickly can the enterprise respond to a cyberattack?
“It is crucial to ask these questions and to have a well-developed incident response plan,” said the book’s author, Robert Schperberg. “Cyberattacks can have an immediate and catastrophic impact on an organization. They are especially devastating to organizations that are not prepared.”
The book is available at the ISACA Bookstore (www.isaca.org/bookstore).