Name
F9. Cyber Incident Response from the Trenches: The IR checklist that got you here won’t get you out of here!
Track
Vendor
Date
Thursday, June 6, 2019
Time
11:15 AM - 12:15 PM
Description
Every week a new organization is in the news because they have been breached and their customers’ or their own data was stolen. More than ever, it is vital that CISOs and their organizations have robust Cyber Incident Response programs and capabilities. Security professionals are all well versed in the 6 steps to IR: detect, identify, contain, remediate, recovery, lessons learned. But having checklists and call rosters are not the only things to consider. Incidents basically come down to three phases. There is before a compromise/breach occurs, during the incident and the post incident. There are valuable takeaways for security leaders, their teams and the partners they may use for IR services to consider in each phase.
Learner Objectives
Takeaway for attendees:
They will learn what needs to be thought about before an incident, what should be consider during an incident, and what needs to be taken away post incident. Specifically, we will answer key questions:
  • When to declare a security incident and initiate a formal incident response process?
  • What is the one key thing you must have to be successful at IR?
  • What steps must be taken proactively in the IR program creation process?
  • Keys to successful IR and surviving the incident .
  • Looking forward…..what should be consider post incident response?
Speaker Bio(s)
Terrence Lillard is valuable member of the NTT Security Incident Response Consulting team functioning as a cybercrime/cyber forensics expert and actively involved in computer, intrusion, and network forensics investigations. Mr. Lillard has more than 25 years of experience building and managing complex secured enterprise solutions and security operations centers. This entails designing and implementing enterprise-wide security architectures for various fortune 500 clients and military, federal, state, and local government organizations. In addition, Mr. Lillard has years of experience as a trusted advisor providing information security, risk management and regulatory compliance services to executives in various sectors. Mr. Lillard functioned as a Forensics Expert Witness in several highly publicized cases within Federal and State courts.
 
Dan Garlick currently is the Global Director Of Cyber Security Operations for Hitachi Vantara. He is a passionate Security Leader and Security Evangelist, with 24 years of Information Security experience including 17 years management with global organization. His focus has been creating and leading high impact enterprise cyber security programs and teams for global organizations. His expertise includes the areas of Security Operations Centers, Incident Response, Red Teams, Information Security Leadership and Threat Intelligence. Dan started his career with as an US Air Force Officer, has worked on Wall Street, Big 4 Consulting and Global Fortune 100 organizations among others. He believes strongly in looking at today’s security threat landscape with an open mind and encourages new ideas to solve old problems.
CEUs
1