The accreditors of this session require that you periodically check in to verify that you are still attentive.
Please click the button below to indicate that you are.
This presentation will shift away from antiquated ways of handling incident response to modern-day approaches that are much more effective.
Among discussion items:
-There needs to be a paradigm shift of how incident response is handled. Stop just responding, start proactively threat hunting and threat modeling.
-Incident Response is not centric to CSIRT teams. Mature incident response involves the entire organization, including the business (legal, privacy, HR, etc.)
- A CSIRT that is purely built on technical skills is inefficient. Diverse backgrounds and especially soft skills on a CSIRT are imperative.
-Stop trying to document/create a playbook for everything. Creativity and flexibility lend to much more effective incident response.
Learning Objectives:
Conduct a holistic analysis of their incident response program and identify the weak areas that need improvement.
Understand the importance of diversifying an incident response (or CSIRT) team to include not just the technical folks, but those from other lines of business.
Describe what approaches to incident response are antiquated, and understand what new processes/ideas should be adopted.
Speaker(s):
John
Dwyer,
Global Threat Assessment Lead,
IBM X-Force Incident Response
Meg
West,
M.S., CISSP,
Cybersecurity Incident Response Consultant,
IBM X-Force Incident Response