Source Boston 2009: How To Respond To An Unexpected Security Incident: A Reality Check

Published on April 24, 2011
Channel: Christiaan008
Source: Youtube

Speaker: Lenny Zeltser, Savvis, Inc, SANS Institute "Best practices" emphasize the need to prepare for incident response before the security breach occurs. Build the toolkit, train the staff, test restore capabilities, document roles and responsibilities... Indeed, that is the right approach to handling security incidents in a controlled manner. What if you never found the time to prepare? In today's reactive world, you wouldn't be alone. Security incidents are often unexpected. When they occur, stress leads to mistakes and poor decisions made in the spur of the moment. Since small and mid-sized companies rarely have a dedicated incident response staff, the responders frequently lack the confidence and expertise that comes from handling the breaches on regular basis. This talk discusses the questions an individual should ask when responding to a security incident. By having a list of such questions in advance, the responder will be able to take control of the situation quickly and assertively. The questions fall into the following 5 categories: •Understand the incident's background •Define communication parameters •Assess the incident's scope •Review the initial incident survey's results •Prepare for next incident response steps For more information visit: To download the video visit: