War Games: Simulating Cyber Incidents For Fun & Profit

Abstract: With an organizations response to a security incident receiving as much scrutiny as it's cause, there a myriad of reasons to test in peace time the controls and processes which collectively represent your incident readiness. These include validating your incident readiness, assessing controls coverage to identify gaps, demonstrating investment and commitment to stakeholders & interested parties and maintaining general awareness. In this talk we'll outline how you might go about simulating your response to a security incident before you're forced into handling the real thing. Speaker Bios: Matt Hall, Pentest/Consultant/DFIR/Team Lead @ Sec-1 and Steve Davies, Consultant @ DeltaSec IS