Top 10 'Incident Response & SIEM' talks from RSA Conference 2016 (USA)

Our editorial team has handpicked the best of the best talks at RSA Conference - one of the largest IT Security Conference in the world. Following is the list of top talks on Incident Response & SIEM at RSA Conference 2016.

RSA Conference held its 25th annual event at the Moscone Center in San Francisco and brought together a record number of more than 40,000 attendees. Attendees experienced keynotes, peer-to-peer sessions, top notch track sessions, tutorials and seminars along with networking and social activities including the RSAC Codebreakers bash at AT&T Park featuring Sheryl Crow, Walk off the Earth and Tony Hawk. Keynotes, sessions and debates focused on the Internet of Things, industrial control systems, encryption, artificial intelligence and machine learning, crowdsourcing, healthcare, automotive, and more, with many reflecting current industry news. (Source: RSA Conference USA 2016)

1) The Incident Response Playbook for Android and iOS

Speaker: Andrew Hoog ( @ahoog42 )

What is your mobile device incident response plan? If you cannot answer that question, you should attend this session. The session will cover the challenges in mobile, how and why it is different from traditional incident response, and the building blocks you can use to craft your own mobile incident response plan.

>>Go To Presentation

2) Demystifying Security Analytics: Data, Methods, Use Cases

Speaker: Anton Chuvakin ( @anton_chuvakin )

Many vendors sell “security analytics” tools. Also, some organizations built their own security analytics toolsets and capabilities using Big Data technologies and approaches. How do you find the right approach for your organization and benefit from this analytics boom? How to start your security analytics project and how to mature the capabilities?

>>Go To Presentation

image courtesy:

3) The Rise of the Purple Team

Speaker: Robert Wood ( @robertwood50 ), William Bengtson ( @waggie2009 )

As attacker tactics, techniques and procedures evolve, so must the defenses and strategy used to defend against them. Traditional red teaming presents an opportunity to find gaps in security, but leaves more valuable information unabsorbed. Results and methodologies used in red team assessments can drive protections in place use by blue teams and a larger program and vice versa.

>>Go To Presentation

image courtesy:

4) Building a World-Class Proactive Integrated Security and Network...

Speaker: Hanna Sicker ( @SNOCgirl )

The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hiring a minimal number of additional security professionals. Learn how to use the SNOC framework to transform your existing NOC into a single effective team that is responsible for both network and security functions.

>>Go To Presentation

image courtesy:

5) Make IR Effective with Risk Evaluation and Reporting

Speaker: Justin Monti, Mischel Kwon 

Today, determining risk of a cyberattack is the generic vulnerability or malware rating ignoring aspects of how the business is impacted. Understanding the vulnerability state of the network, reputational risk, business loss, cost of IR and reconstitution cost are rarely understood. This presentation will show a data-driven approach to IR prioritizing response based on risk and business impact.

>>Go To Presentation

6) Data Breach Litigation How To Avoid It And Be Better Prepared

Speaker: Ronald I. Raether, Jr. Andrea Hoy

Here's an overview of the presentation: Background: Where are the Data Breaches occuring?; How to Be Better Prepared for When Your Company Data is Brenched; How to Avoid it: Lessons Learned & Best Practices

>>Go To Presentation

7) Cloud Breach – Preparation and Response

Speaker: Monzy Merza ( @monzymerza )

Your next breach or insider attack will most likely have you digging for evidence in the cloud. Are you prepared? The old styles of imaging disks and tapping networks won't work! It won’t scale! This session will discuss response scenarios for cloud-enabled and cloud-dependent enterprises, a model for preparing for cloud response, and will show examples of cloud breach investigations.

>>Go To Presentation

8) Preserving the Privilege during Breach Response

Speaker: Jeff Kosseff@jkosseff )

When companies hire cybersecurity consultants to investigate incidents, those professionals’ reports and emails could be used against the company in court unless a privilege applies. This session provides an overview of the attorney-client privilege for post-breach investigations, and tips for increasing the chances that the privilege will apply and the data will remain confidential.

>>Go To Presentation

9) Integrated Security Operations Center (ISOC) for Cybersecurity C...

Speaker: Timothy Lee

This session will present a real case study of methodology and advanced cybersecurity tools used along with important tips and lessons learned on implementing an ISOC project at the second largest city of the nation. Topics include the critical success factors, advanced tools and technologies for ISOC, Situational Awareness, Threat Intelligence Sharing and cybersecurity collaboration.

>>Go To Presentation

10) Data Science Transforming Security Operations

Speaker: Alon Kaufman

Data science brings a huge promise to IT security and accordingly to the sprouting of DS teams across all enterprises, and numerous vendors. Indeed DS has the potential to transform the way security is done—yet, the secret sauce is how to do it in a way that actually provides clear value, embedded into the security workflow, and leverages the human knowledge in combined with the data.

>>Go To Presentation

Your Complete Guide To Top Talks @RSA Conference 2016 (USA)

Get your FREE Guide on Top Talks @ RSA Conference 2016 (USA) . Our editorial team has gone through all the talks and handpicked the best of the best talks at RSA Conference into a single guide. Get your Free copy today.

>>Click Here To Get Your FREE Guide

Views: 13814

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform


Security Trends and Emerging Technologies That A CISO Should Adopt In 2021

Started by Priyanka Aash Mar 3. 0 Replies

What are the challenges you as a CISO have been facing since the last year and share some security trends that are catching up? Help the community by sharing your knowledge and personal views on this subject. Or if you have any specific questions…Continue

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

Follow us

Contact Us


Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2021   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */