The Practitioner Series is intended for the CISO, their direct staff, and all practitioners of cybersecurity in the firm who need to understand critical processes at an in-depth level. For these books, we’re working with industry experts to augment our expertise on any given topic. As with the Foundation Series, Volumes 1 and 2, we are employing the use of different perspectives within each topic. How the decision maker, manager, and engineer approach a given topic depends greatly on what they want to accomplish.

We have certainly entered the era of the celebrity breach. Rather than dwell on the technical capabilities of the bad actors or the technical shortcomings of the victims, in this book we’re going to focus on the key lessons we can learn. It is so important that everyone understands how their role contributes to the overall security of the venture, so we’ll look at the controls we should have in place, the best practices we should implement, the monitoring that would detect our vulnerabilities, and the audit tasks we should perform to create a healthier program. Board members are asking “Could this happen to us?” and we need to examine what went wrong before we can answer that question.

This book can be used to strengthen your team and educate executives who wish to have a deeper understanding of incident response preparation and incident postmortem investigations. It can also be used by educators as material for class assignments, including group projects.