Marco Rivadeneira, CEH
Greenetics Soluciones S.A

Operation of a CSIRT and cybersecurity incident management: Practical approach

In general, the talk is based on proposing a practical approach that shows how the CSIRT operate in the face of security information incidents that although it is almost impossible to evade all risks, in case one materializes, its consequences can be mitigated and the primordial activities restored in the shortest possible time, with the minimum impact acceptable to the organizations.

Learning objectives:

1. Provide the general foundations to design an information security management model and implement it from a practical point of view, which is adapted to the controls and good practices provided in international standards focused on the confidentiality, integrity and availability of information.

2. Give a practical guide for the preparation of incident management manuals according to current best practices and their correct use, taking into account practical examples through the development of general workflows for the management of incidents.

3. Clearly define the process of communication of information security events to ensure that the causes, treatments and solutions of these events serve as part of the implementation of timely corrective and preventive actions in similar cases that may arise in the future .