8:10 am Moving from Incident Preparation to Effective Response
Time: 8:15 am
Day: Day 2
Details:
- Covering the phases of incident handling (e.g. detection, containment, eradication) and the role of tools like forensic analysis and log collection in mitigating security incidents
- Understanding who to contact in the event of a breach: When should executive teams be involved in incidents versus when can technical teams manage them independently?
- Creating a process for regular simulations to refine decision-making, stakeholder roles, and communication paths during an incident