Over the last few years, Mandiant has observed a rise of cyber attacks from ransomware attacks to more sophisticated and persistent cyber threats known as Advanced Persistent Threats (APTs). These can dramatically impact people, organizations, and governments; as well as the society if critical infrastructures are targeted.
The implementation of a robust cybersecurity program (human, technical, and strategic) enables organizations and governments to prepare their environment to detect malicious activities, identify, and respond to them to limit the impact (e.g., reputational, business continuity, financial, legal, etc.).
This presentation provides an explanation on how organizations can use threat intelligence to proactively identify threats targeting them, as well as to drive incident response process to effectively determine the scope of the cyber attack to remediate it. Moreover, the incident response process will be discussed to demonstrate how to investigate and respond to a large-scale cyber incidents while limiting the impact.
The presentation will conclude on how the traditional digital forensics science could support and improve the incident response process.