Incident Response Capabilities in 2016 - Part 2: Emerging Trends in Incident Response and Survey Results
- Thursday, June 9th, 2016 at 1:00 PM EDT (17:00:00 UTC)
- Matt Bromiley, Rob Lee (moderator), Jack Doyle, Arabella Hallawell, Mark Painter and Ryan Sommers
The third annual SANS survey on incident response will look at the continuing evolution of incident response, how tactics and tools have changed in the last three years and how security professionals are dealing with increasing numbers and kinds of attacks. The survey report and webcast also will look at key takeaways and recommendations for practitioners and management.
Part 1 of this webcast, on Wednesday, June 8, 2016, at 1 PM Eastern, will present survey results and focus on the current state of incident response and look at the threat landscape.
In this session, we will look at emerging trends in addition to survey results. Attendees will learn:
- How integrated incident response tools are in the typical organization
- What impediments hamper effective incident response
- How budget allocations are projected to change over the next 12 months
- Improvements planned in the next 12 months
Register to attend both parts of this survey-based webcast and be among the first to receive the associated whitepaper written by Alissa Torres.
Matt Bromiley is a SANS Digital Forensics and Incident Response instructor and a GIAC Advisory Board member. He is also a senior managing consultant at a major incident response and forensic analysis company, bringing together experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.
Rob Lee is the curriculum lead and author for digital forensics and incident response at the SANS Institute. With more than 19 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention and incident response, he provides consulting services via HARBINGERS LLC in the Boston, MA area. Before directing services at HARBINGERS, Rob worked with government agencies in law enforcement, defense, and intelligence communities as a lead for vulnerability discovery and exploit development teams supporting Title10/50 cyber operations. Following his work in the intel community, he worked at the incident response firm MANDIANT for 5 years. Notably, he co-authored MANDIANT's first detailed threat intelligence reports on Chinese APT activity titled "M-Trends: The Advanced Persistent Threat."
Jack Doyle, Senior Systems Engineer, Veriato
Arabella Hallawell, senior director of product marketing at Arbor Networks, is responsible for the go-to-market positioning and activation of the company's Advanced Threat solutions. Previously, she led strategic planning at Arbor. Arabella has more than 20 years of experience in IT security and strategy. Prior to joining Arbor, she was VP of corporate strategy at Sophos, a global IT security vendor headquartered in Boston and Oxford, UK, where she led M&A strategy, market and customer insight, and global corporate communications. Prior to Sophos, Arabella was research VP at Gartner, the IT research and advisory services firm.
Mark Painter currently serves as a security evangelist for HP Enterprise Security Products. In this role, he is responsible for educating customers, security professionals, executives and other groups about the risks of security vulnerabilities and HP ESP security solutions. Mark has played an active role in the security industry since 2002, when he joined SPI Dynamics, a leading provider of web application security assessment software and services. Over the course of his career, he has been involved with product management and marketing, vulnerability research and security blogging. You can follow his writing, security activities, and frequent travel via @secpainter.
Ryan Sommers, manager of Threat Intelligence & Incident Response at LogRhythm, manages a team of subject matter experts in incident response, forensics, malware analysis and threat intelligence. Prior to joining LogRhythm, he spent almost 11 years in incident response services for companies such as CrowdStrike, Stroz Friedberg and the Mayo Clinic in roles that include forensic examiner, malware analyst, incident response consultant and assistant director. Throughout his career, Ryan has worked many incidents involving advanced persistent threats, as well as financially motivated cyber criminal gangs, for some of the world's largest defense contractors, credit card processors, media companies and Internet service providers.