Technology Seminar Series
Presenting: Incident Response Playbook Creation
Playbooks are an important part of any information security program. They offer structure, realistic and flexible procedures to assist in the triage of almost any cyber security situation.
There will be a focus on Ransomware and Business Email Compromise as these are currently the most common attack vectors.
As a group we will review playbooks taken from real life attack situations and cover best practices, do’s and don’ts, structure, and maintenance. We will also cover ways to successfully test playbooks by using different defense and response methods that can work in a variety of organizations and situations.
Participants are welcome to bring their own playbooks or example playbooks to the workshop as long as they do not contain any confidential information that may put them or their organization at risk.
Participants will be able to take away the following materials and skills at the completion of this course:
- Participating in and creating tabletop exercises that map to security frameworks.
- Understanding and creating IR playbooks and runbooks.
- Understanding of the importance of tabletops, playbooks, and runbooks in any size organization.
- Experience with decision analysis under pressure as a team.
- Ability to create after action reports and present results.
Meet the Instructors
Amanda is a Lead Incident Detection Engineer for Blumira and the CEO and owner of the nonprofit corporation Mental Health Hackers. She is the author for a Blue Team best practices book called Defensive Security Handbook: Best Practices for Securing Infrastructure with Lee Brotherston through O’Reilly Media. She is a co-host on the Brakeing Down Security podcast and writes for several blogs. (@infosystir)
Jeremy has focused expertise within the evolution of security convergence, the merger of physical and information security, and cyber-warfare. He leads a government cybersecurity team and is Principal Partner at CodeRed LLC. Previously, he worked within Fortune 500 in enterprise information security as well as physical security through training/contracting. (@cyborg00101)
Thursday, October 7th, 8am – 5pm
NineStar Connect – 2243 E Main Street, Greenfield, IN 46140
Breakfast and lunch will be provided.
THIS EVENT IS LIMITED TO 50 PEOPLE
Register by October 1st to be entered to win an iPad!