Tim Haynes

I've been in the wrong place at the right time for around 25 years, and on the way i've covered most areas in Security hands-on or leading across Banking, Insurance, Markets, Legal, Accounting, Technology, Emergency Services, Local Government, Government Nuclear, Charities, and Outsourcing.

I'm currently loving life as Director - Cyber Services for BSS - the Security Services Company


Session

12-14
16:00
15min
MSSP, MDR, MFA - So Why isn't Incident Response Solved?
Tim Haynes

We've been in the wrong place at the right time between us for between 30-40 years, in just about every sector imaginable.

We're seeing both mid-sized organisations and enterprises in the situation where they have all the consultancy recommendations - Managed Security Service Provider, Endpoint Detection And Response, Network Detection & Response, extended Detection & Response, Managed Detection & Response, but IR still isn't solved.

There's frustration from both the MSSPs and Detection & Response providers, and from customers.
This talk explores:
The difference between Incident Management and Incident Response
The history of how people get into Security, and Incident Response
Enterprise Architecture View of these
The changes that have introduced a wicked problem:
Non-Technical or Non-Security Incident Managers attempting Incident Response
Technical Incident Responders attempting IR without the business link of Incident management
The frustrations from MSSPs and Detection & Response Providers
Customer Frustrations
Potential ways of solving this within the security community

Rookies
Rookie track 2