Effective Ways to Operate a Breach Response Unit
Most organizations in Asia continue to address breach response in a reactive mode - having a crude disaster-recovery plan in place in case something "does" happen, rather than accepting that something "will" happen and proactively preparing for it.
Once breached, the post-breach investigation and response is most critical, followed by building resilient defenses. Given the technological advancement and the technology sprawl, security practitioners are in a state of chaos. Against this backdrop, what do organizations need to know about incident response?
The session addresses:
- Enhancing forensic capabilities in detecting breaches;
- Sizing up why it's important to have a specialist response once an attack/breach is discovered;
- Determining whether incident response should outsourced or led by the security team; and
- Investigating security incidents and assessing compromise levels.