Register by tomorrow to save $300 on cutting-edge cyber security training at SANS Miami 2020!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Incident or Breach?

  • Tuesday, July 19th, 2016 at 3:00 PM EDT (19:00:00 UTC)
  • Hal Pomeranz and Benjamin Wright
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

SANS Data Breach Summit Chair, Benjamin Wright and SANS Fellow, Hal Pomeranz, will cover two topics related to data breach scenarios.

Incident or Data Breach: How Do You Know?
Presented by Hal Pomeranz

Not all incidents are created equal. The Incident Response Team is often under pressure to say whether the incident included a significant breach of personal or proprietary data. Hal will look at network and host data for markers that show when the incident du jour becomes something more significant.


Incident or Data Breach: Maintaining Confidentiality
Presented by Benjamin Wright

It is not uncommon for a security team to investigate an incident and learn that in fact it is not serious. But some investigations of incidents discover they are serious breaches of data security, which must be reported under law or contract requirements. Often times these investigations should remain legally confidential. Mr. Wright will explain methods for ensuring confidentiality."




Data Breach Summit

Assessment, Compliance & Communication
August 18 | Chicago, IL
More Info: sans.org/DataBreachSummit




Join us at the Data Breach Summit to learn even more on this topic. The summit brings together CISOs, risk managers, communication execs, insurers, attorneys, and security professionals to discuss the complexity of a data breach and how to prepare your organization for the inevitable.


Speaker Bios

Hal Pomeranz

Hal Pomeranz is an independent digital forensic investigator who has consulted on cases ranging from intellectual property theft, to employee sabotage, to organized cybercrime and malicious software infrastructures. He has worked with law enforcement agencies in the United States and Europe, and with global corporations.

While perfectly at home in the Windows and Mac forensics world, Hal is a recognized expert in the analysis of Linux and Unix systems, and has made key contributions in this domain. His EXT3 file recovery tools are used by investigators worldwide. His research on EXT4 file system forensics provided a basis for the development of open source forensic support for this file system. Hal has also contributed a popular tool for automating Linux memory acquisition and analysis. But Hal is fundamentally a practitioner, and that's what drives his research. His EXT3 file recovery tools were the direct result of an investigation, recovering data that led to multiple indictments and successful prosecutions.

Raised in the Open Source tradition, Hal shares his most productive tools and techniques with the community via his GitHub and blogging activity. And nobody can show you how to forensicate with Open Source tools like Hal!

Hal is a SANS faculty fellow and the creator and primary instructor for the Securing Linux/Unix (SEC506) course. In the SANS DFIR curriculum he teaches Advanced Digital Forensics, Incident Response, and Threat Hunting (FOR508), Advanced Network Forensics and Analysis (FOR572), Mac Forensics Analysis (FOR518), and Reverse-Engineering Malware: Malware Analysis Tools and Techniques (FOR610). Hal holds the GIAC certification for the following courses: GCUX, GCFA, GNFA, and GREM.

Hal is a regular contributor to the SANS Digital Forensics and Incident Response blog and co-author of the Command Line Kung Fu blog. He's a former board member for USENIX, BayLISA and BackBayLISA; former technical editor for Sys Admin Magazine; and a respected author and highly rated instructor at industry gatherings worldwide.


Benjamin Wright

Benjamin Wright is a practicing attorney based in Dallas, Texas, focusing on technology law. He serves as a senior instructor at the SANS Institute, teaching its five-day course, LEG523 Law of Data Security and Investigations. By means of that course, Mr. Wright has taught thousands of students from throughout the world. He chairs the SANS Institute’s annual Data Breach Summit. Benjamin advises diverse clients, both in the United States and outside of it, on privacy, electronic commerce and data security law. http://benjaminwright.us

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.