SOCcing: Responding to a Cyber Incident

Clinton Ingrams

Saturday 13 April 2019 from 16:00 to 16:50

Talk in English - UK at PHP Yorkshire 2019
Track Name: Track 2
Short URL: https://joind.in/talk/1be5f (QR-Code (opens in new window))

Avg. Rating

The media is full of stories about “hackers” finding and exploiting vulnerabilities in web-accessible systems – not just web applications. You may also have been the target of such an attack. How can you prepare to deal with such incidents, and who are you going to call when you notice you are the latest victim?

What is a SOC and how does it relate to CKC analysis? What is the lifecycle of a cyber security incident? Who should be responsible for overseeing a coordinated response?

All these questions, and many more, will be answered in the talk.

Comments

Comments are closed.

Scott Dutton at 08:43 on 14 Apr 2019

Important topic and one which often is thought about as an incident is happening instead of following the playbook which you have set out.

Mark Taylor at 12:12 on 14 Apr 2019

A really insightful talk and you're obviously a very knowledgeable and experienced speaker. One thing I'd point out is you need to plan your timings as you obviously had far more slides and information than could possibly fit in the 50 minute slot.

Peter McDonald at 17:39 on 14 Apr 2019

Clinton is clearly knowledgeable and this shows in the talk. At times he clearly goes off of the beaten track recalling past conversations that help make a point (clearly not giving too much away)

Clinton teaching style clearly shows and he engages with the audience when comments are made and is happy to take on board points or clarifications from others.

One negative might be some of the content that could not be covered. Some of this might have been due to mis-calculating the time required for each section or alternatively due to times going off the beaten track. Could be worth reviewing the sections and removing some of the nice to haves and maybe have these as reading material in the notes for the audience at a later time.

Something I would really love to see but would likely be a workshop would be scenario based and dealing with an incident from start to finished (obviously simplified to fit the time constraint).

Gavin Taylor at 19:02 on 14 Apr 2019

well presented talk on what can be a very dry subject, some security talks Ive been to in the past Ive wished I hadnt, but Clinton is a great speaker and nobody was nodding off :)

it was a nice introduction but not sure it answered all the questions in the talk description, feels like we need a part 2.

Mousey at 23:02 on 14 Apr 2019

Fantastic talk, was very entertaining and engaging from start to finish

Clinton Ingrams (Speaker) at 16:26 on 29 Apr 2019

Many thanks for your comments, and I'm happy to see that my talk was generally well received.

I take the point about timings. This was the first outing for this talk, and I was more concerned about running out of discussion material than overrunning. I try to be interactive in talks, as many people in the room will have different experiences of the subject. I am at the conference to learn as well as teach...