Save $350 on Hands-on Cyber Security Training at SANS Sonoma 2019! Ends 11/21.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

How Are You Responding to Threats? SANS 2018 Incident Response Survey Results Part I

  • Wednesday, October 31st, 2018 at 1:00 PM EDT (17:00:00 UTC)
  • Matt Bromiley, Anthony Di Bello, Jim Jaeger, and Brennen Reynolds
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsors

  • Coalfire Systems
  • Fidelis Cybersecurity
  • ForeScout Technologies
  • 1E
  • OpenText Inc.
  • ThreatQuotient

You can now attend the webcast using your mobile device!

Overview

What new and continuing threats are responders uncovering in investigations, and how are they dealing with those threats? This webcast will release results from the SANS 2018 Incident Response Survey, developed by Matt Bromiley, SANS Digital Forensics and Incident Response (IR) instructor and GIAC board member. Matt will examine how incident response teams are coping with organizational structures, resources and IR implementation in an ever-changing threat environment.

In this webcast, you will learn how organizations have structured their incident response functions, what systems they are conducting investigations on, the threats they are uncovering and how they're uncovering them. For example:

  • What staffing, services and resources are they using, and how are they using them?
  • Are they still struggling with a silo mentality between operations and response?
  • During an investigation, are they able to get the data they need to fully discover the attack's spread and remediate all traces?
  • How automated are these processes of data collection and discovery?

Attend this webcast and gain access to the full survey report written by Matt Bromiley.

Register here for Part II of this webcast: Improving the Incident Response Function.

Speaker Bios

Matt Bromiley

Matt Bromiley is a SANS Certified Digital Forensics and Incident Response instructor, teaching Advanced Digital Forensics, Incident Response, and Threat Hunting (FOR508) and Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response (FOR572), and a GIAC Advisory Board member. He is also a principal incident response consultant at a major incident response and forensic analysis company, combining experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.


Anthony Di Bello

A 13-year veteran of the cybersecurity and digital forensic incident response sector, Anthony Di Bello serves as Senior Director of Market Development for OpenText where he leads strategic planning and direction for cybersecurity solutions. Anthony joined OpenText with the Acquisition of Guidance software where he spent the previous 12 years, including the last several as Sr. Director of Products responsible for the voice of the customer, product roadmaps and go-to-market strategy across Guidance Software forensic security, data risk management and digital investigations products. Previously at Guidance, Anthony was Director of Strategic Partnerships responsible for building and delivering end-to-end solutions around the Guidance product portfolio through partnerships and integrations with adjacent technologies such as Blue Coat, ArcSight, ThreatGRID and DropBox. Before moving to Guidance, Mr. Di Bello spent seven years with Willis Towers Watson, a global professional service firm specializing in risk and financial management.


Jim Jaeger

Jim Jaeger is chief cyber strategist at Arete Advisors, a cyber security consulting firm partnering with Coalfire to provide advisory services to Coalfire’s customers. In his role, Jim develops and evolves clients’ cyber strategies, leads large-scale incident response operations and works with executives to enhance cyber security. He has led incident response and forensic investigations into some of the largest cyber breaches impacting the industry. Jim also established and led General Dynamics’ government and commercial cyber defense and forensics business practice, and has worked closely with the DOJ, FBI and United States Secret Service.


Brennen Reynolds

Senior Director Brennen Reynolds leads a team of strategic technologists responsible for defining ForeScout’s orchestration integrations. Over the past 20 years, he has held positions within the information security field including leading national security technical sales, consulting and research teams; conducting audits for Fortune 1000 companies; and implementing large-scale, global security control projects. He holds a master's degree in computer engineering from University of California, Davis, along with multiple industry certifications including the CISSP and CISA. He has served as the vice president of Chapter Relations for the Sacramento chapter of the Information Systems Security Association (ISSA).

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.