Data breach reports from Verizon and Mandiant continue to highlight the significant time lag between incident occurrence and detection. Response mechanisms are often kicking in weeks after the initial compromise, after much of the evidence has vanished and – more importantly – valuable data has been exfiltrated.
As spear phishing continues to dominate as the attack vector of choice, Mr. Belani will discuss how organizations can somewhat level the playing field by effectively crowd-sourcing attack detection to employees and providing IR teams the ability to react in real-time. This talk will make the case for cultivating a trusted informant network, outline methods to do this by providing these informants with the tools to generate attack intelligence in an actionable format, and discuss how to develop response mechanisms to consume this intelligence and minimize damage.
- Learn how to effectively convert employees into human security sensors
- Understand the role of user reporting in incident response
- Discuss a case study on a zero-day malware discovery
About Rohyt Belani
Rohyt has over a decade of experience in the information security industry with prior roles including – Co-founder & CEO of Intrepidus Group (acquired by NCC Group), Managing Director at Mandiant, Principal Consultant at Foundstone (acquired by McAfee), and Researcher at the Software Engineering Institute. He has served as an Adjunct Professor at Carnegie Mellon University and is a contributing author for Hack Notes – Network Security and Extrusion Detection: Security Monitoring for Internal Intrusions.
Rohyt is a regular speaker at various industry conferences including the RSA Conference, Black Hat, OWASP, Hack in the Box, InfoSec World, and several forums catering to the FBI, US Secret Service, and US Military. He is also often called upon to provide commentary and analysis on cybersecurity issues for national print and broadcast media including The Wall Street Journal, BBC World News, The Washington Post, The Harvard Business Review, and ABC News.