Incident Response - Practice Makes Perfect - Before an Incident
The absolute worst time to develop a breach response plan is directly after you have discovered a breach. The absolute best way to have your response team fail is to have them untrained on rarely practiced procedures while being overly reliant upon expensive, improperly configured technology. It is proven that humans perform at their least effective under exactly these conditions, making the task of recovery and root-cause analysis far more challenging than it could be. We'll see that by focusing on the people/process functions more than technology when an attack is identified, a measured and practiced response can be smoothly executed, providing the best possible path to remediation. In this session we will discuss this issue from two very different perspectives, firstly from an academic perspective, see the results of exhaustive research into incident response from the organization that coined the term CERT. In contrast we'll here from an experienced practitioner, with lessons learned from real world deployments.
See Also: The Essential Guide To Machine Data
Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.