The constantly evolving nature of threats and vulnerabilities not only affects individual firms and their customers, but collectively the threats pose a persistent economic and national security challenge. The concepts and principles the security professionals and their managers need to know to conduct or participate in a Cyber incident response event investigation will be presented. Ensuring that proven policies and procedures are established and followed are manager level responsibilities, along with personnel certifications and levels of expertise. These will be discussed along with critical chains of evidence collection and custody in each investigation. The laws, ethics, regulations and boundaries (both technical and political) for investigations and the investigators are next presented to help clarify positions and policies. Finally, the needed relations for the Cyber response team manager are presented; these include technical, management, law enforcement and civil relationships with professionals and organizations. Some of the current tools, tactics and procedures for conducting these activities will be discussed.
- How to Manage an Cyber Incident Response Effort
- Learn to delineate the Key Steps to a Cyber Investigation
- Best practices for a Cyber-based Investigation
About Leighton Johnson
Leighton Johnson, the CTO of ISFMT (Information Security Forensics Management Team), a provider of computer security, forensics consulting & certification training, has presented computer security, cyber security and forensics classes and seminars all across the United States and Europe. He has over 35 years experience in Computer Security, Cyber Security, Software Development and Communications Equipment Operations & Maintenance; He has taught CISSP, CISA, CISM, Security +, CAP, DIACAP, CRISC, ISSEP, Anti-Terrorism, Digital & Network Forensics, and Risk Management courses around the US over the past 7 years. He has presented at ISRM-2012, ISRM-NA 2011, ISRM-EU 2011, EuroCACS 2010, ISMC 2007, ISMC 2006, CyberCrime Summit 2007 and INFOSEC WORLD 2005 conferences and delivered multiple presentations for military and civilian conferences for customers and clients worldwide.