Presented by:


Gary Smith

from Pacific Northwest National Laboratory

Gary started out his professional career as a chemist/materials engineer. His start down the path to the Dark Side of Computing began when he wrote a program to design an optimal extruder screw rather than face thousands of calculations with a slide rule (yes, a slide rule). Since then, he's done a lot of different things in computing. Always a glutton for punishment, he wrote his own from scratch. Around 1993, Gary started doing computer security when the semiconductor company he was working for was forced to get on the Internet to send/receive Integrated Circuit designs faster and a firewall/Internet gateway was needed. Since then, Gary's been involved in firewalls, intrusion detection system and application hardening, and anti-spam filters. Gary really does computer security to support his bicycling habit. He has more bikes than most other people have computers. And they're a lot more expensive.

Can you believe that between 73 and 77 percent of businesses have no plan for how they will do incident response? Almost eight in ten small business owners (79 percent) do not have a plan for incident response to limit the effects of a data security event. Is it any wonder that when an incident does occur, people run around as if their hair were on fire? It doesn't have to be that way.

This presentation will be an introduction to the concepts in Incident Response. It will cover the topics of:

  • Incident Response Process and Procedures
  • Lessons from The Military
  • The Six Stages of Incident Response
  • Types of Security Incidents
  • The Cyber Kill Chain Stages
  • Incident Types and Recommended Actions
  • Incident Response Tools

After this presentation, you will be armed with the basics of Incident Response and be able to create a plan for how to handle the inevitable incident. If nothing else, you won't have to stock up on fire-retardant hair spray.

1 h 30 min
LinuxFest Northwest 2019