Presented by: David Sheidlower
IT and Security need to cooperate on incident response and that begins with a shared vocabulary for incidents. For example, a CISO’s definition of an incident is usually not the same as the ITIL definition. Security may classify incidents in terms of risk whereas IT may classify them based on SLA’s. In this breakout we will walk through the steps for security incident response and discuss the features of a robust incident response program including documentation, the formation of the incident response team and root cause analysis.