This talk will provide an overview of the Incident Response (IR) lifecycle and then dive into the preparation steps every organization must take to have confidence that they can effectively investigate a security incident. These steps are applicable for organizations with both insourced and outsourced monitoring services. Key topics will include what decisions must be made for your organization’s incident response program, including elements of the incident response policy, roles and responsibilities, technical controls needed to prepare for investigation, and how to test your incident response plan before it’s a real world scenario.

Christie Grabyan will present at ACCTOIncident Response Preparation