A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Process - The Salvation of Incident Response - Charles Herring Converge 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Process - The Salvation of Incident Response
Charles Herring

Skilled incident responders are in rare supply. InfoSec tools fall short of automated detection. Sophisticated, targeted attacks are on the rise. In short, the attackers are winning. In a 2014 [survey conducted by the Ponemon Institute](http://www.lancope.com/resources/industry-report/ponemon-institute-report-cyber-security-incident-response-are-we-prepared), most respondents said that the best thing their organization could do to mitigate future breaches is improve their incident response capabilities. However, most respondents also said that less than 10 percent of their security budget is used for incident response. Under these circumstances, what can be done to turn the tide against cyber-attacks? The (un-sexy) answer is process. This session will examine how to maximize existing personnel and tools to more effectively identify and quantify security risks. Topics to be covered include: - Identification of systematic security holes/failures - How to effectively communicate failures to management - Methods and approaches to automating incident response - How to train incident responders using process - How incident response can improve tool purchasing decisions - Building a transformational roadmap to secure operations At the end of the session, attendees will have a better understanding of incident response, and how they can implement a more effective IR process without starting from ground zero.

Charles Herring is a Consulting Security Architect at Lancope. He began his information security career in 2002 as a network security analyst and network security officer with the U.S. Navy. After the Navy, he spent six years consulting with the Federal government, disaster relief organizations and enterprises on network security, communication and process improvement. He has also served as a network security product tester for InfoWorld Magazine.

Back to Converge 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast