2      0

(ISC)² Security Congress 2021 - Career Center & Recordings

1778607 - Incident Response: How To Keep Your Company Name Out Of The Evening News

Oct 20, 2021 10:30am ‐ Oct 20, 2021 11:30am

Credits: None available.


This presentation will shift away from antiquated ways of handling incident response to modern-day approaches that are much more effective. Among discussion items: -There needs to be a paradigm shift of how incident response is handled. Stop just responding, start proactively threat hunting and threat modeling. -Incident Response is not centric to CSIRT teams. Mature incident response involves the entire organization, including the business (legal, privacy, HR, etc.) - A CSIRT that is purely built on technical skills is inefficient. Diverse backgrounds and especially soft skills on a CSIRT are imperative. -Stop trying to document/create a playbook for everything. Creativity and flexibility lend to much more effective incident response.

Learning Objectives:
  • Conduct a holistic analysis of their incident response program and identify the weak areas that need improvement.
  • Understand the importance of diversifying an incident response (or CSIRT) team to include not just the technical folks, but those from other lines of business.
  • Describe what approaches to incident response are antiquated, and understand what new processes/ideas should be adopted.


  • John Dwyer, Global Threat Assessment Lead, IBM X-Force Incident Response
  • Meg West, M.S., CISSP, Cybersecurity Incident Response Consultant, IBM X-Force Incident Response
Tags: Basic


  • 1.00 - CPE

You must be logged in and own this session in order to post comments.