$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Lessons learned after Hundreds of Breach Investigations

  • Wednesday, January 16, 2019 at 3:30 PM EST (2019-01-16 20:30:00 UTC)
  • Robert Reyes, Gerard Johansen, Jake Williams


  • Cisco Systems Inc.

You can now attend the webcast using your mobile device!



In the world of security, a breach can happen at any moment. So how do you prepare for it? Join our Incident Response team for a discussion on some of the biggest lessons we've learned after conducting hundreds of breach investigations.

In the constant cat and mouse game of cybersecurity, it is a fallacy to think that we will always be protected against all threats. The reality is we have to be prepared for a breach. In order to prepare effectively, you must first understand what's out there, the threats and the most recent breaches. Cisco's Incident Response team is on the frontlines everyday battling those threats for our customers. After responding to hundreds of incidents worldwide, they have discovered some tips that has been proven helpful. Join us for a discussion about the latest and most prevalent threats, followed by tips you can use to make sure you are prepared for the next cyberattack.

Speaker Bios

Robert Reyes

Robert Reyes is a computer and network forensic examiner with over 20 years of experience. Robert holds multiple security certifications including the GIAC Network Forensic Analyst (GNFA) and CISSP. He also has instructed numerous Threat Hunting and Digital Forensics courses in partnerships with various federal agencies. He is currently an Incident Manager for Cisco Systems where he actively interacts with clients, performing forensic analysis of data breaches and offering advisory services on remediation best practices. 

Gerard Johansen

Gerard Johansen is an information security professional with over 10 years experience in information security, digital forensics, threat intelligence, and incident response. Gerard has written several articles and books covering a wide variety of topics including digital forensics and incident response. He is currently an Incident Response Consultant for Cisco Systems where he routinely interacts with clients faced with active incidents as well as providing proactive incident response services. 

Jake Williams

Jake Williams is a SANS analyst, senior SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attacks on-premises and in the cloud.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.