Security Congress Abstract
3015 - The Art & Science of Incident Response
Wednesday, October 10
1:45 PM - 3:45 PM
Location: Floor 2: Studio 9
Part 1 - A strong incident response plan is a key component of any organization's cyber defense. Many organizations, however, have an ineffective, or non-existent cyber response plan. We only need to look to the daily news to see the impact that an ineffective cyber response can have on an organization's bottom line. A strong plan can help you identify and respond quickly to a cyber incident, and mitigate the financial and reputational costs. Michael Quinn and Lucie Hayward will talk through the key components of a successful incident response plan. As experienced cyber responders, they have worked with organizations across all industries to develop and improve their cyber incident response plans.
Part 2 - You’ve identified a possible network compromise. Now what? Is your team ready to respond quickly? Do you know what steps to talk in order to mitigate damage and begin remediation? What decisions need to be made? Do you have the right people at the table? Do you disclose to the public? Are you adequately prepared to handle an insider threat? Now that you are familiar with the key components of an incident response plan we'll talk you through a real-world cyber scenario and help you identify critical decision points and key next steps, both business and technical.
- Understand the difference between an event and an incident, and why the distinction is important.
- Learn how to build out your Incident Response Team (IRT) and who should be included
- Understand the Incident Response Process - who does what, and when