Savvy information security professionals know how important incident response plans are when something goes wrong. The time to figure out who to call, where the sensitive systems are, and the escalation path is before the security incident. However, the most thorough incident response plan does the organization no good if it doesn’t take into account extenuating circumstances. What happens if the key responders are on vacation? Do responders know what to do if at attack occurs during the peak holiday season? What is the appropriate response if the application is in code-freeze?
This talk steps security professionals through several scenarios which are common during the fourth quarter of the year and includes:
- An analysis of seasonal trends and special circumstances that complicate incident response, such as higher traffic volumes, key staff on holiday, and severe weather.
- An explanation of how attackers can take advantage of these special circumstances to launch their attacks.
- A discussion of what security teams should do to prepare themselves.
Incident response plans need to evolve throughout the year and security teams need to make sure their plans account for changes that happen throughout the year. Our best defense is to be prepared for all eventualities.