Unless you’ve lived through a critical breach you might not know that you could have a key role responding to a real-world incident. Critical breaches could be a result of sensitive data loss, ransom or destruction, service unavailability, damage to critical infrastructure, or even asset loss. Successful attacks are executed against common services within an IT environment. Just because you’re not part of the SOC doesn't exclude you from potential responsibilities in response activities. As security operations assess the impact of the attack, actions will require support from multiple organizations which could include management, web, email, hosting, application, billing, legal, authorities and marketing teams. All hands on deck, everyone could play a role in responding.
- Does your security organization have an Incident Response (IR) Plan?
- If so, do you have a role within the IR plan, run book or playbook? Do you know what a run book or playbook is and how it's implemented?
All IT personnel need to know their roles and responsibilities responding to a cyber-incident. If you don't know, this session will provide considerations and context you need to consider.
900 Barton Springs Rd
Austin, TX 78704