The Tortured Responders Department: Scott & Rebekah's Version
HTML-код
- Опубликовано: 5 окт 2024
- Just when you think you have your DFIR processes buttoned up - investigation wrapped, remediations complete, defenses in place, it turns out you’re not done. Someone has to tell the world what just happened, and it may or may not be you. Cyber security has moved from a niche topic discussed in small circles to news-cycle leading events that are talked about by leaders in both business and government. As a result the way companies talk about security incidents is more critical than ever - and it’s not getting any easier.
New worldwide regulations have the potential to impact security professionals by imposing stringent compliance requirements across various sectors and regions, especially when it comes to mandatory security incident reporting. At the same time security is becoming more and more of a team sport as defenders need to leverage every lesson learned to gain advantages. This is all well and good in theory - but what does it mean in the middle of an incident? What should you be sharing about a network compromise and when? With whom? Are you sure?
In this talk, we will cover best practices for communicating internally and externally before, during, and after an incident through case studies, including taking a deep dive into how the changing regulatory and security landscapes may change your communication strategy and how to prepare. You’ll leave better prepared to inform your stakeholders, regulators, and the public in the midst of a security event, before it turns into a security crisis.
SANS DFIR Summit 2024
The Tortured Responders Department: Scott & Rebekah's Version
Speakers:
Scott Roberts, Head of Threat Research, Interpres Security
Rebekah Brown, Certified Instructor Candidate, SANS Institute
View upcoming Summits: www.sans.org/u/DuS
Great talk, thanks for sharing