When to Declare an Information Security Incident and How to Respond When You Do
In addition to the presentation with Don Becker and Vlad Grigorescu, I presented at this year's EDUCAUSE/Internet2 Security Professionals (ESP) Conference with Bob Henry.
This talk was of a more introductory nature, and stressed the need to have an incident response plan in place before things go bad. Any time that you can be in a position where you are responding in a premeditated way, rather than reacting and having to improvise on the spot, you are better off.
My role in the presentation was to talk a little about high-level cycles that pretty much all attacks go through, and what we, as a defender, can do to try and preventing those attacks from being successful, or failing that, to limit the damage that they do.
Bob then took the foundation that I built and went through a case study of an actual breach that he worked.
The slides are available at the EDUCAUSE web site.
This talk was of a more introductory nature, and stressed the need to have an incident response plan in place before things go bad. Any time that you can be in a position where you are responding in a premeditated way, rather than reacting and having to improvise on the spot, you are better off.
My role in the presentation was to talk a little about high-level cycles that pretty much all attacks go through, and what we, as a defender, can do to try and preventing those attacks from being successful, or failing that, to limit the damage that they do.
Bob then took the foundation that I built and went through a case study of an actual breach that he worked.
The slides are available at the EDUCAUSE web site.