Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan 1st Edition

I read this book because it was a requirement for my Cyber Security class at Columbia. I will say that I went in already having a Computer Science degree and 10 years of experience in Software Development, so it was easy for me to navigate the technical concepts that the book touches on without difficulty. Another warning I have about Cyber Security in general is that there are a lot of acronyms to know, and I ended up downloading a flashcard app to help myself memorize them all in order to get through this book and the class itself.If you're thinking about reading it outside of school, I'd recommend it for anyone in a CIO, CISO, or Security Engineer type of role at a company. It's very straightforward and to the point, and it offers specific, detailed, and research backed recommendations for how to establish processes within a company to minimize the risk of a breach. The focus of the book is on how to establish a CIRT (Cyber Incident Response Team), what their responsibilities are and should be, how they should function, how to build a "playbook" for their operations, and ultimately how to best use a dedicated team of analysts and engineers to detect and react to a cyber event within a company. If that's what you're looking for this is a great text. If you want a more general introduction to cyber security then this might not be the only book you want to read.

Very good guide on InfoSec program policy development. I think this should be mandatory for anyone moving 'up the chain' in security. In my role as a consultant, I find that there are smart people doing good things...in silos. This guide is a good foundation for building a program that ties disparate efforts together as a cohesive and effective infosec program. This book continues to be a good reference.I think the book could have been improved with more pictures of alligators and other dangerous reptilian creatures.

This book is kind of old for the tech world and it is a surprise that it has not been updated yet.I gave it 4 stars because: While not cheap, it was not as expensive as other required CyberSec/IT books, the concepts addressed were not hardware specific but rather a learning tool to be used to formulate individualized plans for organizations, and it is written in a well balanced and not so boring manner.

Phenomenal book, chock full of great ideas about how to build and operationalize your SOC. Includes high level concepts as well as detailed technical ideas. Highly recommended for anyone building or improving a security program.

Great book for infosec pros it gives you an advanced insight about the incident response challenges. The idea of a playbook for IR is great.

Excellent.

Great resource, timely and relevant, should be fundamental reading for network security / cyber security professionals. Great job guys!

I'm a DFIR investigator with a fair share of experience in this field and I've always been interested in any books on such topics. As far as I can tell Crafting the InfoSec Playbook wants to be a guideline for how to run a SOC.The first chapters cover very generic facts and best practices around IR and the management of a SOC. During the first 6 chapters I felt like reading Cpt. Obvious notes about running a SOC.The real "action" starts with chapter 7 and it's quite interesting/useful. You can tell the authors have a solid background in IR but the book will be of little help for mature/advanced security teams.