Ag3nt47 Security – Shmoocon 2013 – Ten Strategies Of A World-Class Computer Security Incident Response Team

Description: Today’s Computer Security Incident Response Team (CSIRT) should have everything they need to mount a competent defense of the ever-changing IT enterprise: a vast array of sophisticated detection and prevention technologies, a virtual sea of cyber intelligence reporting, and access to an exploding workforce of talented IT professionals. Yet most CSIRTs continue to fall short in keeping the adversary, even the unsophisticated attacker, out of the enterprise. Why is this? In this talk, the presenter will offer some observations on what it takes to do Computer Network Defense well in the modern IT enterprise. He will present ten fundamental qualities of an effective CSIRT that cut across elements of people, process, and technology.

The presenter is a Lead Cyber Security Engineer with The MITRE Corporation. He has ten years of experience working with large Computer Security Incident Response Teams (CSIRTs) to better defend against the adversary. He has held roles in the CSIRT ranging from tier 1 analyst to senior architect. He received a BS in Computer Engineering from Purdue University in 2002 and an MS in Information Systems from George Mason University in 2007.

