2024-12-14 –, Rookie track 2
We've been in the wrong place at the right time between us for between 30-40 years, in just about every sector imaginable.
We're seeing both mid-sized organisations and enterprises in the situation where they have all the consultancy recommendations - Managed Security Service Provider, Endpoint Detection And Response, Network Detection & Response, extended Detection & Response, Managed Detection & Response, but IR still isn't solved.
There's frustration from both the MSSPs and Detection & Response providers, and from customers.
This talk explores:
The difference between Incident Management and Incident Response
The history of how people get into Security, and Incident Response
Enterprise Architecture View of these
The changes that have introduced a wicked problem:
Non-Technical or Non-Security Incident Managers attempting Incident Response
Technical Incident Responders attempting IR without the business link of Incident management
The frustrations from MSSPs and Detection & Response Providers
Customer Frustrations
Potential ways of solving this within the security community
We've seen many mid sized and enterprise organisations that have a Managed Security Service Provider, Managed Detection & Response and Multifactor Authentication - "So why isn't IR solved?" in the words of one CTO.
This talk picks up on frustrations and gaps from both the technical MSSP and MDR side, and from the customer side, and explains why "Just pick a different SOC" isn't necessarily a good answer.
We go into some of the enterprise architecture, organisational and human factors from the 90's to today that have caused gaps on both sides, why this matters, and what we think security people can do about it.
Yes
I've been in the wrong place at the right time for around 25 years, and on the way i've covered most areas in Security hands-on or leading across Banking, Insurance, Markets, Legal, Accounting, Technology, Emergency Services, Local Government, Government Nuclear, Charities, and Outsourcing.
I'm currently loving life as Director - Cyber Services for BSS - the Security Services Company