Completed
Incident Response plans are best when they are general and flexible enough to adapt to the situation at hand.
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Delete Yourself - Cognitive Bias During Incident Response
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 A cognitive bias refers to a systematic pattern of deviation from norm or rationality in judgment, whereby inferences about other people and situations may be drawn in an illogical fashion.
- 3 Is this server vulnerable to this attack? Was this attack successful?
- 4 Incident Response Plan: Write it down Practice it Escalate rather then freak out Understand who does what, and when they do it
- 5 Was this device vulnerable to this attack? Was this attack successful? If so this is a SECURITY INVESTIGATION
- 6 At each step verify each other's work Let Subject Matter Experts be Experts (Even the lawyers) Keep calm...remain skeptical Understand at what stage to escalate and to whom
- 7 Incident Response plans are best when they are general and flexible enough to adapt to the situation at hand.
- 8 Logs are a record of an event Logs don't lie, but we screw up what they mean all the time Logs rarely provide the closure you are looking for...or the closure the lawyers are looking for.
- 9 What is the worst case scenario for your company? - Your logo on Krebs? Pll posted to pastebin? DDOS from Anon? China stealing your IP? CEO in an orange jumpsuit?
