Perth Branch Meeting - 9 May
In this month’s presentation, Craig Searle will provide the audience with a non-technical ‘managers guide’ to the incident response process and how to best position an organisation to respond
Incident Response for the 21st Century
Over the last 10 years, Incident Response (IR) has evolved from being merely an afterthought in the cybersecurity toolkit, to now becoming a recognised discipline and a critical component of any cybersecurity capability. As organisations move away from a philosophy of simply trying to prevent attacks, there is a growing emphasis on efficient and effective containment and recovery from an incident once it occurs.
Within cybersecurity there exists an interesting contrast between the cause of a significant proportion of cybersecurity incidents, and the tools and techniques frequently used to address incidents once they occur. Humans are, quite correctly, identified as the root cause of many incidents however when it comes to incident response all too often the primary focus is at the operator or technical level. IOCs, STIX/TAXI, containment and attribution techniques frequently dominate incident response discussion with little regard for how the response process itself is managed and governed. Whilst technical approaches and solutions are valuable and valid, they only form a small piece of a much larger puzzle. For a non-technical stakeholder or a first-time incident manager, the incident response process can often seem chaotic or overwhelming and responder outputs are frequently laced with technical jargon.
In this month’s presentation, Craig Searle will provide the audience with a non-technical ‘managers guide’ to the incident response process and how to best position an organisation to respond efficiently and effectively to common cybersecurity incidents.
Speaker: Craig Searle is the Co-Founder of Hivint and SecurityColony. He has over 15 years of experience in the security industry, working in the finance, defence, telecommunications, national security and technology sectors. An alumni of the SIFT and Stratsec organisations, he was previously the Head of Cyber Security for the Asia Pacific region at BAE Systems Applied Intelligence. Craig is a self-professed ‘security geek’ with a background in penetration testing, system hardening and incident response.
Craig has presented both locally and internationally, most recently presenting at: MilCIS 2016, ACSC 2016, ISC2 APAC Security Congress 2016 (Thailand) and WAHckon. Craig has also been quoted in media outlets such as: The Age, Australian Financial Review, The 7:30 Report and numerous industry publications.
AISA members: Please sign in to register for this event.
Non AISA members: If you would like to become an AISA member you can join here.
Please note: that the event time might be displaying AEST. The event starts at 5.30pm GMT+8 and finishes at 7.30pm GMT+8.
Many thanks to our sponsors
AISA also thanks EY for sponsoring the venue for this meeting
