Everything you always wanted to know about incident response (*but were afraid to ask and for a good reason)
Future Cyber Tech, Application Security & DevOps Theatre
Wed 26th Sep 01:40 to 02:10
The threat landscape has changed yet again. What was, several years ago, an era of advanced attackers seeking valuable data has transformed into one of global, disruptive, data-related plagues, backed by nation-states seeking to dictate agenda and terms. In response to the evolving threat landscape, organizations have come to realize that compromise is inevitable and have started to look for ways to respond quickly, automatically and in real time in order to prevent the next data breach or disruption. The evolving incident response process holds a great challenge in store, as the effectiveness of the process is fairly easy to measure. Do you actually know how effective your current SOC/IR/MDR is at detecting, validating, containing and remediating infections in the environment? Are you ready to win the race to your own data?
What you will take away from this session
- Unmitigated threats cost more as time goes on. Response time is critical; reduce dwell time
- Minimizing security events directly reduces workload on the SOC
- Systems that automatically classify security data reduce the burden on incident response teams