Enterprise Incident Management - How to Get Everyone Ready for a Crisis

Explore how to build an effective enterprise cyber-response program in this 42-minute RSA Conference talk. Learn from Target's Director Erin Becker as she shares insights on structuring teams, conducting war games, and executing tabletop exercises. Discover the three main lessons learned in developing a robust cyber-response strategy, including the implementation of a surprise war game for leadership preparation. Gain valuable knowledge on creating severity frameworks, establishing core incident management teams, and setting up war rooms. Delve into real-world examples, such as the Target data breach, and understand the importance of coordinating with vendors, collaborating with the FBI Cyber Division, and managing digital incident reporting. Examine the impact of security crises on leadership, strategies for team motivation, and the significance of vendor security. Ideal for professionals with entry to senior-level experience in cybersecurity or incident response, this talk provides practical insights for enhancing organizational readiness in the face of potential cyber crises.

Intro
How to Prepare for a Security Crisis
What if youre like me
Three key things
Create a severity framework
The core incident management team
The War Room
The Whiteboard
Objectives
Target Data Breach
Information Risk Council
The Last Year
Key takeaways
Coordinate with vendors
FBI Cyber Division
Digital Incident Reporting
Public Reporting
Tabletop Exercises
Severity Escalation
Impact on Leadership
Keeping Your Team Going
Vendor Security
ECM Software
Vendor Involvement
Exercise Program
The Perfect World
Handling a Working Incident
Cooperation and Sharing