Incident Response Capabilities in 2016 - Part 2: Emerging Trends in Incident Response and Survey Results
- Thursday, June 9th, 2016 at 1:00 PM EDT (17:00:00 UTC)
- Matt Bromiley, Rob Lee (moderator), Jack Doyle, Arabella Hallawell, Mark Painter and Ryan Sommers
The third annual SANS survey on incident response will look at the continuing evolution of incident response, how tactics and tools have changed in the last three years and how security professionals are dealing with increasing numbers and kinds of attacks. The survey report and webcast also will look at key takeaways and recommendations for practitioners and management.
Part 1 of this webcast, on Wednesday, June 8, 2016, at 1 PM Eastern, will present survey results and focus on the current state of incident response and look at the threat landscape.
In this session, we will look at emerging trends in addition to survey results. Attendees will learn:
- How integrated incident response tools are in the typical organization
- What impediments hamper effective incident response
- How budget allocations are projected to change over the next 12 months
- Improvements planned in the next 12 months
Register to attend both parts of this survey-based webcast and be among the first to receive the associated whitepaper written by Alissa Torres.
Matt Bromiley, a SANS GIAC Advisory Board member who holds the GCFA and GNFA certifications, is an up-and-coming forensics instructor. A senior consultant at a major incident response and forensic analysis company, he has experience in digital forensics, incident response/triage and log analytics. His skills include disk, database and network forensics, as well as memory analysis and network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, sharing with others and working on open source tools.
Rob Lee is the curriculum lead and author for digital forensic and incident response training at the SANS Institute. With more than 15 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention and incident response, he provides consulting services in the Washington, D.C. area. Before starting his own business, Rob worked with government agencies in the law enforcement, defense and intelligence communities as a lead for vulnerability discovery and exploit development teams, a cyber forensics branch, and a computer forensic and security software development team. He also worked for a leading incident response service provider and co-authored Know Your Enemy: Learning About Security Threats, 2nd Edition.
Jack Doyle, Senior Systems Engineer, Veriato
Arabella Hallawell, senior director of product marketing at Arbor Networks, is responsible for the go-to-market positioning and activation of the company's Advanced Threat solutions. Previously, she led strategic planning at Arbor. Arabella has more than 20 years of experience in IT security and strategy. Prior to joining Arbor, she was VP of corporate strategy at Sophos, a global IT security vendor headquartered in Boston and Oxford, UK, where she led M&A strategy, market and customer insight, and global corporate communications. Prior to Sophos, Arabella was research VP at Gartner, the IT research and advisory services firm.
Mark Painter currently serves as a security evangelist for HP Enterprise Security Products. In this role, he is responsible for educating customers, security professionals, executives and other groups about the risks of security vulnerabilities and HP ESP security solutions. Mark has played an active role in the security industry since 2002, when he joined SPI Dynamics, a leading provider of web application security assessment software and services. Over the course of his career, he has been involved with product management and marketing, vulnerability research and security blogging. You can follow his writing, security activities, and frequent travel via @secpainter.
Ryan Sommers, manager of Threat Intelligence & Incident Response at LogRhythm, manages a team of subject matter experts in incident response, forensics, malware analysis and threat intelligence. Prior to joining LogRhythm, he spent almost 11 years in incident response services for companies such as CrowdStrike, Stroz Friedberg and the Mayo Clinic in roles that include forensic examiner, malware analyst, incident response consultant and assistant director. Throughout his career, Ryan has worked many incidents involving advanced persistent threats, as well as financially motivated cyber criminal gangs, for some of the world's largest defense contractors, credit card processors, media companies and Internet service providers.