The Future of Incident Response
Protection and detection can only take you so far, and breaches are inevitable. As a result, response incident response has stepped into the spotlight. This session will examine the economic and psychological forces within the computer security field and describe the future of incident response (IR) and thus, the industry. It will discuss how response technology, unlike detective and preventative controls, must augment people rather than replace them. Understanding the implications of this reality requires a systems theory approach to IR. This session borrows one from the US Air Force: OODA loops. By leveraging the cycle of observe, orient, decide, and act, this session demonstrates how we can optimize IR efforts, and deliver valuable insight into what is arguably the most crucial discipline to maintaining IT security in the coming decade.