Interview with John Luke Peck: Incident Response Autopsies and Today's Threats How You Can Prepare!

[Music] Hey everyone, Steve here, volunteer director at large with the Vancouver Island Security Research Society. We're counting down the days to our annual Bides Vancouver Island Security Conference happening October 3rd at the Victoria Conference Center in stunning Victoria, BC. Besides VI is a grassroots communitypowered cyber security event built around accessibility, learning, and collaboration. Whether you're a seasoned pro or just security curious, you're welcome here. Today, I'm excited to spotlight one of our incredible speakers, John Luke Pek, an incident response specialist based in Seattle, Washington. John Luke will be presenting a session titled incident response autopsies and today's threats, how you can prepare today for tomorrow's ransom. John Luke, welcome. Would you introduce yourself to the Bides VI community and

share what inspired you to dive into this topic? >> You bet. Thank you, Steve. So, I've been working in IT since the early 2000s. I started out connecting networks and data centers. Uh, and then around 2013, I pivoted into cyber security and I've been working in the field ever since. For the last 5 to 7 years or so, my teams and I have been working with organizations when they get attacked and helping them recover from incidents and major events like that, as well as helping them get ready and prepare. One of the major things that we've seen which drives us is when organizations aren't ready for a major event like ransomware. And it can be so devastating

that it leads to the organization needing to close their doors. One of our main missions and goals is to get out there and help inform and educate business owners and technologists about the things that they can do to be ready today so that they can be more resilient and withstand those types of events if they happen tomorrow. Thanks, John. Luke, your talk zeros in on some of the most pressing challenges in modern incident response. From dissecting past breaches to preparing for tomorrow's ransomware threats, it's all about turning lessons learned into proactive strategies. To give our audience a taste of what's to come, I've got a few questions for you. First, what is the biggest gap most organizations have in

incident response planning before a breach? >> The biggest gap most organizations have is in the actual planning. That's everything from incident response plans to tabletop exercises to making sure you've got the right response partners in your pocket when you need them. That includes your outside counsel, insurance companies, or incident management specialists and firms. All of these things have to be prepared and lined up and practiced before the real deal hits. Otherwise, organizations spend more time scrambling to try and get those resources together and figure out how to use them than they do actually responding. This leads to all kinds of delays in the response and recovery efforts, and it drives recovery costs way up. And so, by getting out and

talking to folks beforehand and saying, "Here are the things you can do today." Our goal is to help cut that time down and help cut those costs down so that you can get back to business faster. >> Thanks for that. Second, which new trends or threats should we be taking seriously heading into 2026? >> Well, it's not new, but ransomware is still very high on the list. Groups today are attacking our security infrastructure itself. The the firewalls that we put in place to protect our networks, they're being used as the devices which give the bad guys the access into our networks. When our security technologies become the point of vulnerability, this becomes everybody's problem. Even if technology

isn't your line of business, even if you don't have an IT team or a security team. So, this isn't new necessarily, but it is becoming an epidemic that's impacting the small and midsize business market in a devastating way. >> Very true. Finally, what's one simple step any team can implement now to boost their incident response readiness? >> I'd say come to the talk. We're going to be talking about exactly that. What steps can people take today? How to be ready? And what resources to keep in your back pocket for if that day comes when you find that your office or your network has been ransomware and you need help in a hurry. Thanks so much, John

Luke. For everyone tuning in, don't miss your chance to hear John Luke and many other brilliant minds at Bides Vancouver Island205. Tickets are available now at bsidesvi.com. We're across all the socials. Check out the links on our website and join the conversation using #bsidesvi. We can't wait to welcome you to the Victoria Conference Center on October 3rd. See you there.