Presented by:

Gary Smith

from Pacific Northwest National Laboratory

Gary started out his professional career as a chemist/materials engineer. His start down the path to the Dark Side of Computing began when he wrote a program to design an optimal extruder screw rather than face thousands of calculations with a slide rule (yes, a slide rule). Since then, he's done a lot of different things in computing. Always a glutton for punishment, he wrote his own sendmail.cf from scratch. Around 1993, Gary started doing computer security when the semiconductor company he was working for was forced to get on the Internet to send/receive Integrated Circuit designs faster and a firewall/Internet gateway was needed. Since then, Gary's been involved in firewalls, intrusion detection system and application hardening, and anti-spam filters. Gary really does computer security to support his bicycling habit. He has more bikes than most other people have computers. And they're a lot more expensive.

Can you believe that between 73 and 77 percent of businesses have no plan for how they will do incident response? Almost eight in ten small business owners (79 percent) do not have a plan for incident response to limit the effects of a data security event. Is it any wonder that when an incident does occur, people run around as if their hair were on fire? It doesn't have to be that way.

This presentation will be an introduction to the concepts in Incident Response. It will cover the topics of:

  • Incident Response Process and Procedures
  • Lessons from The Military
  • The Six Stages of Incident Response
  • Types of Security Incidents
  • The Cyber Kill Chain Stages
  • Incident Types and Recommended Actions
  • Incident Response Tools

After this presentation, you will be armed with the basics of Incident Response and be able to create a plan for how to handle the inevitable incident. If nothing else, you won't have to stock up on fire-retardant hair spray.

Date: 2019 April 27 - 10:45
Duration: 1 h 30 min
Room: CC-114
Conference: LinuxFest Northwest 2019
Language:
Track: Security
Difficulty: Medium

Happening at the same time:

  1. Using iSCSI to share Discs and Tape
     Start Time: 2019 April 27 10:45
     Room: CC-236

  2. Choose Your Distro Adventure!
     Start Time: 2019 April 27 10:45
     Room: CC-235

  3. Containers 101
     Start Time: 2019 April 27 10:45
     Room: HC-104 Jupiter

  4. 2019: Fifty years of Unix, Internet and more
     Start Time: 2019 April 27 10:45
     Room: G-103

  5. Lunduke Show Live
     Start Time: 2019 April 27 10:45
     Room: HC-108

  6. An Introduction to Incident Response
     Start Time: 2019 April 27 10:45
     Room: CC-114

  7. Linux Container Primitives
     Start Time: 2019 April 27 10:45
     Room: CC-115

  8. Tackling Training Needs with Open edX
     Start Time: 2019 April 27 10:45
     Room: CC-200

  9. Why Open Source is Critical For Platform Firmware
     Start Time: 2019 April 27 10:45
     Room: CC-208

  10. Database normalization
      Start Time: 2019 April 27 10:45
      Room: HC-103 Postgres