Speaker: Ramses Martinez
In today's enterprise environment an incident responder must not only be a technical expert but also posses a good understanding of the legal, economic and human aspects of dealing with a security incident. This increase in complexity has resulted in incident response becoming one of the most challenging disciplines in the filed of information security.
During this presentation three real life incident cases will be discussed; a social engineering, one a targeted phishing email and a DDoS attack. In each of these cases the dependencies between an information security team and the legal, financial, HR and executive team will be analyzed. The processes tools and roles used by each of the groups involved will be discussed in detail as well as the impact that geography and culture have on the incident handling process. Lesson learned, containment, mitigation and recovery strategies will also be shared with the audience during this presentation.