“It’s the Living I Fear” – Cyber Security Post Incident Review

November 18, 2020 – 12:45PM EST

Most incident response plans only address eradication and recovery in an effort to return the business to normal operations as quickly as possible. In the haste to close investigations and move on to the next issue, it’s easy to ignore the critical phase of post-incident review. Skipping this phase robs security teams of invaluable learning opportunities to identify technical and procedural gaps, improve team operations and communication, and increase visibility for leadership on where additional training and team development is needed to reduce future impact on the business.

This talk will introduce best practices for post-incident reviews, including how to unify stakeholders on desired outcomes, monitor for gaps in processes, and use metrics to reduce uncertainty and communicate effectively with business leaders.

Learning Objectives

  • Set up a Post-Incident Review program that allows security teams to identify technical and procedural gaps, create road map to improve team operations and communication, and increase visibility for leadership on where additional training and team development is needed.
  • Develop a common language for involved stakeholders in incident reporting that unifies team members and leaders alike.
  • Learn how to leverage a post-incident review program to create foresight about potential future impact through specific activities.

Faranak Firozan

Incident Response, NVIDIA

You need to purchase your pass and register for Security Congress before you can save your spot to attend this session.