Security Weekly Podcast Network (Audio)

Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360

May 3, 2024

Expert Joe Gross emphasizes the importance of preparing for cyber incidents, breaking down tasks required for incident response. Discussion includes RSA news overload, Verizon's DBIR, and Mandiant’s M-Trends. Insights on incident response foundations, threat detection, and engaging training scenarios. Exploring investments in cybersecurity technologies and financial dynamics in tech industries. Unique discussions on DM funding, ARK browser features, and Nord Security's product launch. Cloud security enhancement with AWS resource tagging and insight into cybersecurity trends and cloud threat models.

01:57:07

Creator website

Episode guests

Joe Gross

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Regular training and tabletop exercises are crucial for effective incident response planning.

Island's success demonstrates market acceptance of secure browsing solutions in cybersecurity.

Establishing AI marketing ethics policy is essential for ethical AI-driven marketing strategies.

Deep dives

Greylog Discusses Incident Response Preparedness and Security Trends

Incident response expert Joe Gross shares valuable insights on the importance of consistent training and tabletop exercises for effective IR planning. He emphasizes the need for organizations to structure tabletop scenarios realistically and involve key stakeholders such as legal and PR teams. Gross highlights the significance of practicing incident response regularly, advising quarterly full-day exercises for mature teams and more frequent sessions for beginners. He underscores the importance of augmenting IR staff to prevent burnout during prolonged incidents and emphasizes the value of feeding, resting, and rotating team members for optimal performance.

Introduction

2min

National Truffle Day, RSA Conference Passes, and Graylog Sponsored Interview

3min

Building a Strong Incident Response Foundation

18min

The Significance of Engaging Training for Incident Response

2min

Effective Incident Response Preparation Through Gaming Scenarios

7min

Threat Detection Preparation and Incident Response

17min

Insightful Discussion on Incident Response and API Security Solutions

4min

Exploring Investments and Market Trends in Cybersecurity Technologies

14min

Navigating Financial Dynamics and Security Challenges in Tech Industries

16min

10.

Exploring Strong DM Funding Round and ARK Browser Features

6min

11.

Exploring Information Acquisition, New Product Launch by Nord Security, and Critique of Advertisements

2min

12.

Enhancing Cloud Security and Incident Response with Resource Tagging in AWS

2min

13.

Exploring AWS Capabilities for Asset Management and Control Enforcement

2min

14.

Acquisition Deal Fallout and C-NAP Market Trends

5min

15.

Evolution of Lacework and Cybersecurity Partnerships in F1

2min

16.

Insights into Cybersecurity Trends and Cloud Threat Models

11min

17.

Innovative Exoskeleton Technology and Activity Tracker Discussed

2min

18.

Robotic Dog with Flamethrower

5min

It's the most boring part of incident response. Skip it at your peril, however. In this interview, we'll talk to Joe Gross about why preparing for incident response is so important. There's SO MUCH to do, we'll spend some time breaking down the different tasks you need to complete long before an incident occurs.

Resources

5 Best Practices for Building a Cyber Incident Response Plan

This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them!

It's the week before RSA and the news is PACKED. Everyone is trying to get their RSA announcements out all at once. We've got announcements about funding, acquisitions, partnerships, new companies, new products, new features...

To make things MORE challenging, everyone is also putting out their big annual reports, like Verizon's DBIR and Mandiant's M-Trends!

Finally, we've got some great essays that are worth putting on your reading list, including a particularly fun take on the Verizon DBIR by Kelly Shortridge.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-360

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Security Weekly Podcast Network (Audio)

Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Greylog Discusses Incident Response Preparedness and Security Trends

Island's Impressive Funding Round Signals Market Confidence in Secure Browsing Solutions

AI Ethics Policy in Marketing

Accelerating Incident Response with Generative AI

Vulnerability Exploitation Trends

Universal Cloud Threat Model

Remember Everything You Learn from Podcasts