The Evolution Of Incident Response presented at Blackhat USA 2004

by Kevin Mandia,

Tags: Security

Summary : During the course of 2003, Mr.
Kevin Mandia responded to over 20 computer security incidents at some of
America’s largest organizations.  Mr. Mandia was on the front
lines assisting these organizations in responding to international
computer intrusions, theft of Intellectual Property, electronic
discovery issues, and widespread compromise of sensitive
data. During his efforts to resolve these incidents, many similar
challenges and issues confronted each organization. During this
presentation, Mr. Mandia re-enacts some of the incidents, provides
examples of how these incidents impacted organizations, and discusses
the challenges that each organization faced.  He demonstrates the
“State-of-the-Art” methods being used to perform Incident Response, and
how these methods have not really evolved since 1988. He outlines
the need for new technologies to address these challenges, and what
these technologies would offer. He concludes the presentation by
discussing emerging trends and technologies that offer strategic
approaches to minimize the risks an organization faces from the
liabilities the information age has brought.