Georg Thomas, CISO, Corrs Chambers Westgarth
Jonathan Calver, CEO, StrategyMix
Jordan Hunt, Director – Incident Response, Forensic IT
Mark Smink, CISO - Asia Pacific, JLL
Michael McKinnon, CTO, Pure Security
Virtual Panel Session: Incident Response Planning and Recovery (AEDT)
At this event, we start with the assumption that despite all of the considerable effort and investment that most organisations have made to defend themselves against cyber attacks, a breach is still likely to occur. The question is: how can you prepare your organisation’s incident response across your entire management team and be confident that, should the worst occur, your response will stand up to the scrutiny of your customers, trading partners, the media and possibly the courts?
Submit your questions to the panel
By attending this event, you will be able to submit your questions on Incident Response Planning and Recovery to our panel of experts, either at the time of registration or via the Q&A facility.
Good examples of the kind of questions we might expect to answer include:
1. Panic and Forensics: what are the common mistakes made in the heat of the moment when responding? What should you do in the first hour? What should you not do? How do you avoid destroying critical evidence / information?
2. Under what circumstances should you pay the ransom? What is in the best interest of the shareholders? What is the maturity of insurance in this space?
3. Disclose or not to disclose: should you disclose even if the breach is relatively minor and would not represent “serious harm”? What is the key test for notifying a breach to the OAIC? What are the mechanics? When, how, to whom?
4. How do you develop an internal and external communications plan for a major incident? Who do you notify, how and in what order? When do you say the problem has been solved? When should you not be transparent?
5. Response Planning: where do you start? Are there frameworks you can work through? Who should be involved? How do you take into account the motives of the attacker in your planning process (financial, amusement, hacktivist)?
6. Testing: how do you develop a testing process for multiple playbooks, with differing triage and escalation levels, so you can convince your stakeholders that your IR will stand up to the heat of battle?
7. Can you share some examples where lack of incident response planning directly impacted the company’s performance from a brand, financial and human perspective?
Who should attend?
If your organisation experiences a major cyber incident, the response will be a shared responsibility across your entire management team – including HR, Marketing, Operations and Finance. It will not just be an issue for IT and Cybersecurity. Since this is a virtual event held on the Zoom platform, we have virtually unlimited places. You should therefore encourage multiple members of your management team to attend.
Unavailable on the day? Register for the video highlights
This panel session will be recorded and the resulting output will be converted into a series of “Video Highlights”, where one video will cover one question. All registered delegates will receive an email notification with a link to the videos as soon as they are produced. However, if you are unable to attend on the day, you can register now for just the video highlights.
To view an ever-growing library of peer-reviewed videos, across a diverse range of cyber and IT related topics, go to: www.strategymix.com/videos.