Security Response Survival Skills presented at Shmoocon2019 2019

by Ben Ridgway,

Summary : Despite the many talks addressing the technical mechanisms of security incident response (from the deep forensic know-how to developing world-class tools), the one aspect of IR that has been consistently overlooked is the human element. Not every incident requires forensic tooling or state of the art intrusion detection systems, yet every incident involves coordinated activity of people with differing personalities, outlooks, and emotional backgrounds. Often these people are scared, angry, or otherwise emotionally impaired. Drawing from years of real-word experience, hundreds of incidents worked by Microsoft Security Response Center, and the many lessons learned from some of the greats in IR around the company, this talk will delve into: •Human psychological response to stressful and/or dangerous situations•Strategies for effectively managing human factors during a crisis•Structures that set incident response teams up for success•Techniques that make better managers, responders, and investigators•Tools for building a healthy and happy incident response teamEffectively navigating the human element is a critical skill for anybody who may be called upon to manage or participate in a security incident. This talk is geared toward occasional or full-time responders who are looking for practical human-management skills.