Cyber Security Incident Management with Gerard Johansen

/// 🔗 Register for webcasts, summits, and workshops - https://blackhillsinfosec.zoom.us/ze/... 🛝 Webcast Slides - https://www.antisyphontraining.com/wp... Join us for a free one-hour Antisyphon Anti-cast with instructor Gerard Johansen on Cyber Security Incident Management. He'll show you the operational and strategic decision making that takes place during an incident. Specifically, he'll cover the critical role that the Incident Commander plays in leading an organization through an incident. He'll detail the eight-phase Incident Response Leading Procedures, covering the key tasks for the Incident Commander, CSIRT, and other personnel to restore organizational operations. We'll conclude the Anti-cast by discussing how to practice this process through Tabletop exercises. Chat with your fellow attendees in the Antisyphon Discord server:   / discord   in the #🍿anticasts-chat channel Chapters 0:00 Introduction 3:00 Incident Management and Command Overview 4:14 Why discuss Incident Management? 8:42 What is Incident Management? 10:33 Who leads Incident Management? 16:11 Incident Commander Information Coordination 19:06 Incident Command Leading Procedures 22:39 Malicious Activity has been detected!!! 23:05 Receive Escalation 25:45 Incident Escalation Briefing 25:58 Activate the CSIRT 29:10 Initial Analysis 33:33 Deploy Containment 36:39 Update Incident Objs. 37:27 Secondary Analysis 38:16 Eradication & Recovery 40:56 Close Out Incident 42:56 Communications 51:18 Q&A