Securing Cisco with Splunk - Lessons from One of the World’s Most Mature CSIRTs
Imran Islam, CISCO, Matthias Maier, Splunk, Adrian Davis, (ISC)² EMEA
About this talk
The Cisco Computer Security Incident Response Team (CSIRT) is a global team of information security professionals responsible for the 24/7 monitoring, investigation and incident response at one of the world’s largest and leading technology companies.
Learn how Imran Islam, leader of Cisco’s EMEA/APAC CSIRT team relies on Splunk to help his team drive best practices in threat assessment, mitigation planning, incident detection and response, incident trend analysis, and the development of future security architecture.
Join this webinar to hear Imran Islam discuss how Cisco drives CSIRT best practices:
- CSIRT playbooks and automation methods
- The importance of timely CSIRT data access, correlation & visualisation
- CSIRT staffing approaches
- CSIRT threat intelligence management
- Driving CSIRT operational efficiency
- The importance of CSIRT collaboration across the business during investigations
- How CSIRT functions can increase business relevance
- Learn about the importance of understanding your environment
- Learn about the importance of having the right data
- Learn the critical success factors for building a CSIRT Team and capabilities
- Learn how to enable your security team to scale its ability to handle incidents and quickly find, validate, and resolve issues
- Learn how to justify adding more resources to an incident response team
- Learn how to introduce consistency into your security team for approaching and solving security problems.
(ISC)² Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs…