Security Weekly Podcast Network (Audio) Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360
6 snips
May 3, 2024 Expert Joe Gross emphasizes the importance of preparing for cyber incidents, breaking down tasks required for incident response. Discussion includes RSA news overload, Verizon's DBIR, and Mandiant’s M-Trends. Insights on incident response foundations, threat detection, and engaging training scenarios. Exploring investments in cybersecurity technologies and financial dynamics in tech industries. Unique discussions on DM funding, ARK browser features, and Nord Security's product launch. Cloud security enhancement with AWS resource tagging and insight into cybersecurity trends and cloud threat models.
AI Snips
Chapters
Transcript
Episode notes
Dungeon Master Approach To Defensive Preparation
- Joe Gross frames preparation like being a dungeon master who sets traps and honeypots for attackers.
- He recommends deception and honeytokens as fun defensive 'traps' to learn attacker behavior.
Cyber Insurance Is Forcing Technical Compliance
- Cyber insurance is becoming highly prescriptive, sometimes defining patching standards and approved vendors.
- Joe Gross warns mismatches can leave organizations uninsured despite hiring familiar responders like Mandiant.
Make Tabletop Exercises Playful Not Painful
- Make tabletop exercises playful and memorable to increase retention and engagement.
- Joe Gross designs fictional companies and funny scenarios so teams learn and find plan edges in low-pressure sessions.