Bill Brenner sets the stage for the day ahead | In the early years of information security, there were some serious technical challenges when it came to detecting and responding to attacks. Gathering data was hard - we had to build parsers and normalize data. Any dropped syslog data was gone forever. Storage was slow and expensive. Database technologies were slow. Queries took forever. Security teams had to build all their detections and reporting from scratch. Today, many of the technical challenges are gone, leaving us more time than ever to focus on the core of the job: detection engineering, threat hunting, and incident response. However, some challenges remain, and many are related to the “people” part of the equation. That’s what we’ll be focusing on in this opening presentation.

Join us for a virtual panel discussion as we delve into the often overlooked yet critical issue of mental health within the realm of incident response. Led by industry experts, this session will shed light on the unique challenges faced by individuals working in incident response roles, from the constant pressure of handling high-stakes situations to the relentless exposure to traumatic events. Through candid conversations and personal experiences, we will explore the impact of prolonged stress and burnout on mental well-being, as well as the stigma surrounding mental health in the cybersecurity community.

Join CRA Business Intelligence producers Bill Brenner and Paul Wagenseil for a comprehensive analysis of Incident Response in the current cybersecurity landscape. Explore the challenges and successes encountered by security teams, delve into strategies for effective incident management, and gain insights into planned investments for enhancing incident response capabilities in the upcoming year.

Incident response is far more than just the technical investigation and removal of a threat. Depending on the severity, it can require multiple stakeholders from across an organization to play their part correctly – legal teams, emergency communications, insurance reps, HR, management, and corporate boards. Failure to delineate these roles can not only interfere with the investigation, but also create more damage beyond the initial incident. In this fireside chat, we’ll examine the importance of clarifying responsibilities for IR decision-makers working across the business and how resources can be best put to use.