Join Doug Brush for A Cross Discipline Approach to IR and Breach Investigations (and Lessons Learned)
With the increased use of SaaS, IaaS, and PaaS platforms, organizations are shoveling more compute, applications, and data into the cloud from on-premises solutions. However, answering cloud governance and access control questions such as “What data do I have?,” “Where is my data stored?,” Who has access to my data?,” has become challenging. Often, it is because data is out of sight and out of mind. Additionally, during a breach, these questions can impede an investigation that is already challenged by decentralized logging, access rights, large volumes of data to review, and the inability to physically access the environment.
This presentation will walk thought the current challenges faced by defenders and IR investigators in large cloud environments, and offer solutions that call on a variety of cyber security, digital forensic and incident response, and eDiscovey talents. We will step through a case example where the convergence of these disciplines allowed an organization to effectively investigate a data breach and comply with regulatory notification requirements.