Thursday, February 2, 2017
11:30 AM - 12:30 PM
Welcome & Lunch
Please arrive and register between 11:30 and noon. The lunch will begin promptly at noon.
12:30 PM - 1:15 PM
Preparation Can Make or Break Your IR Program
Security teams are typically in reactive mode when faced with a breach. Their efficiency and effectiveness in handling a security incident largely hinges on work the team has done prior to “game day”. The Preparation stage of incident response is the lynch pin on which all other stages depend. Alissa Torres, certified SANS instructor, speaks on the key elements of preparation and the need to identify a security team’s gaps in technology, process and skillset before they are tested to their limits. She will provide best practices around defining roles and responsibilities, creating buy-in and garnering support from upper management and data-owning business units. Alissa will address ways to assess your organization’s IR readiness and prevent communications barriers that occur when IR goals are not fully aligned with service level agreements (SLAs) and business continuity.
Alissa Torres, Certified SANS Instructor, SANS Institute
1:15 PM - 2:15 PM
Breaking Down Barriers to Effective Incident Response
Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks often get in the way. Rsam CISO Bryan Timmerman shares his insight about how to move past barriers and improve your incident response program by automating workflows, integrating with other security tools, and prioritizing critical issues to decision makers in real time. He will also share customer case studies from recent security incident response platform implementations.
Bryan Timmerman, CISO, Rsam
2:15 PM - 2:30 PM
Alissa and Bryan will field your questions.