Incident Response & Threat Intelligence
T4-2A. What To Do When It All Goes To Hell In A Hand-Basket
Tuesday, June 11, 2024 12:45 PM - 3:45 PM
You know the moment, we ALL know the moment. Our stomach drops, we break out into cold sweat, and we pray to the nearest deity. Unfortunately the next steps CAN be somewhat fuzzy, ill-informed (and ill-advised) and often involve folks running round like headless chickens. A breach situation, ransomware project, or simply a burning building is NOT a good time to see if your Incident Response plan works. (IF you're fortunate enough TO have one!) We're going to take the time during this workshop to talk about what you need, arm you with the right checklists, talk through situations, and a HEAP of other things (including a table top or three) We'll LEAVE you better informed, more aware, and with a better chance of surviving an incident. Consider this a boot camp, 101, or refresher for folks on IR, DR, BCP, DFIR, and all other acronyms we use to describe "one of those days". This hopefully helps you prepare a LOT more efficiently than reaching for the yellow pages and picking an insurance company and cybersecurity team at random.
After this session we expect, hope, and anticipate that the attendees will be better armed with the following: - A clear understanding of the basic frameworks (NIST etc.) on how to manage an incident - A set of tools to better work through an incident (lists, objectives, tests, etc.) - IF we can swing it, a set of backdoor and breaches cards... - A much cleared understanding of what IS a breach, when one must declare it, and what to do/whom to engage - Better prepared to face an incident AND how to recover their organization (and prepare etc.) - A community to call on