Explore the pillars of continuous incident response in this BSidesIndy 2018 conference talk by Brad Garnett. Delve into the incident response lifecycle, covering crucial aspects such as preparation, training, and communication. Learn about the importance of incident response plans, frameworks like NIST 800 Series, and attorney-client privilege. Discover effective communication tools, templates, and strategies for providing critical updates during an incident. Gain insights on conducting tabletop exercises, extracting lessons learned, and evolving incident response capabilities. Understand the significance of measuring incident response and building robust IR capabilities. Walk away with valuable resources and key takeaways to enhance your organization's incident response preparedness and execution.
Overview
Syllabus
Intro
Title
Brads Background
Coaching Youth Football
Incident Response Lifecycle
Prepare Train
Incident Response Plan
Incident Response Framework
NIST 800 Series
Communication
AttorneyClient Privilege
Communications Template
Latest Update
Current Impact
Action Items
Ongoing Intelligence Summary
Previous Incident Summary
The Bottom Line
Communication Tools
Critical Communication
Tabletop Exercises
Lessons Learned
Stick to an Agenda
Incident Response Evolution
Having Conversations Now
Building Robust IR Capabilities
Measuring Incident Response
Resources
Takeaway
ICS
