BackCover

Most businesses are aware of the danger posed by malicious network intruders and other internal and external security threats. Unfortunately, in many cases the actions they have taken to secure people, information and infrastructure from outside attacks are inefficient or incomplete. Responding to security threats and incidents requires a competent mixture of risk management, security policies and procedures, security auditing, incident response, legal and law enforcement issues, and privacy.

Critical Incident Management presents an expert overview of the elements that organizations need to address in order to prepare for and respond to network and information security violations. Written in a concise, practical style that emphasizes key points, this guide focuses on the establishment of policies and actions that prevent the loss of critical information or damage to infrastructure.

CTOs, CFOs, Chief Legal Officers, and senior IT managers can rely on this book to develop plans that thwart critical security incidents. And if such incidents do occur, these executives will have a reference to help put the people and procedures in place to contain the damage and get back to business.

About the Author

Alan B. Sterneckert is the owner and general manager of Risk Management Associates. A retired Special Agent, Federal Bureau of Investigation, Mr. Sterneckert is a professional specializing in critical incident and risk management, IT systems security, and systems auditing.

During his 24-year tenure with the FBI, Mr. Sterneckert was responsible for many significant investigations into multi-national white collar crime and narcotics trafficking organizations. He was stationed in Dallas, New York, San Juan, and Salt Lake City.

Before entering the FBI, he was a member of the U.S. Air Force, where he specialized in communications and information security.

He graduated from Weber State University (B.A.) and Long Island University (M.S.). He holds the following professional certifications: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), and Certified Fraud Examiner (CFE).