Friday, April 26, 2013

When to Declare an Information Security Incident and How to Respond When You Do

In addition to the presentation with Don Becker and Vlad Grigorescu, I presented at this year's EDUCAUSE/Internet2 Security Professionals (ESP) Conference with Bob Henry.

This talk was of a more introductory nature, and stressed the need to have an incident response plan in place before things go bad. Any time that you can be in a position where you are responding in a premeditated way, rather than reacting and having to improvise on the spot, you are better off.

My role in the presentation was to talk a little about high-level cycles that pretty much all attacks go through, and what we, as a defender, can do to try and preventing those attacks from being successful, or failing that, to limit the damage that they do.

Bob then took the foundation that I built and went through a case study of an actual breach that he worked.

The slides are available at the EDUCAUSE web site.

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.