The First 72 Hours presented at CISOhouston 2016

by Derek Rude, Steve Neiers, Ryan Vela,

Summary : The initial signs of a security incident are rarely black and white. The first questions CISOs must ask are “Is this a real incident?” and “How should I respond?” Ryan Vela leads this discussion on the first and most critical hours of a potential incident response. While removing the attacker is obviously the end goal, security teams must first understand the nature and scope of the incident to identify the course of action that will be most effective at removing the attacker while balancing the risk to the organization and the disruption that the response can cause.
Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).