The First 72 Hours - Dealing with the Crucial Time in Incident Response

The initial signs that you have a security incident on your hands are rarely black and white. The first questions you have to ask yourself are "Is this a real incident?" and "How should I respond?" Based on our first-hand experience, a rapid response in the first 72 hours is critical.

In this webinar we will discuss the main response tactics to contain and understand an incident, and offer best practise on investigation, identification and containment of the incident before responding.

Key Takeaways:

  • What are the difference between incursion and persistent detection
  • Identify key activities to perform in the first 72 hours
  • Understand why immediately stopping the attacker may cause more disruption 


Photo of Jessica  Barker

Jessica Barker

Cyber Security Consultant, Co-Founder, Co-CEO, Cygenta

Photo of Steven Furnell

Steven Furnell

Professor of Cyber Security, University of Nottingham

Photo of Justin Harvey

Justin Harvey

Managing Director - Global Incident Response Leader, Accenture

Brought to you by

What’s hot on Infosecurity Magazine?