5      0

1778607 - Incident Response: How To Keep Your Company Name Out Of The Evening News

‐ Oct 20, 2021 10:30am

This presentation will shift away from antiquated ways of handling incident response to modern-day approaches that are much more effective. Among discussion items: -There needs to be a paradigm shift of how incident response is handled. Stop just responding, start proactively threat hunting and threat modeling. -Incident Response is not centric to CSIRT teams. Mature incident response involves the entire organization, including the business (legal, privacy, HR, etc.) - A CSIRT that is purely built on technical skills is inefficient. Diverse backgrounds and especially soft skills on a CSIRT are imperative. -Stop trying to document/create a playbook for everything. Creativity and flexibility lend to much more effective incident response.

Learning Objectives:

  • Conduct a holistic analysis of their incident response program and identify the weak areas that need improvement.
  • Understand the importance of diversifying an incident response (or CSIRT) team to include not just the technical folks, but those from other lines of business.
  • Describe what approaches to incident response are antiquated, and understand what new processes/ideas should be adopted.




You must be logged in and own this session in order to post comments.