Ten Commandments of Incident Response (For Hackers)

Presented at THOTCON 0x5 (2014), April 25, 2014, 4:30 p.m. (20 minutes)

For many information security professionals, a logical career move is to an incident response role; managing security incidents as well as the people working on them. The transition to red tape, bureaucracy, and human chaos can be baffling and very frustrating to the hacker mentality. This can lead to us to burn out, or in the worst case, fail at the job. Instead of discussing incident response methodology, this talk will cover ten essential ‘lessons learned’ about bridging the infosec world with the business world. Topics include triage, communication skills, risk assessment, building professional relationships, business impact, and presenting our ideas and problems in a way that interest an organization.

Presenters:

• Lesley Carhart
  Lesley Carhart is the Incident Response team lead for Motorola Solutions’ Security Operations Center. A forensics specialist, Lesley has been striking fear in the hearts of IT departments since she was hired as a SQL developer at 15. She has held several roles in security, from log analyst to consultant, and has background as a network tech, aircraft mechanic, and tactical comm "guy". You can find her security blog on motorolasolutions.com’s ‘Fresh Ideas in Public Safety’.

Similar Presentations:

• ShmooCon XV (2019) / Security Response Survival Skills
• Kernelcon 2022 / Keeping a cool head in the eye of the storm, my experience with Incident Response leadership
• Black Hat USA 2014 / The State of Incident Response