Bright Ideas Roundtable: Turning Theory Into Practice: The Critical Role Of Incident Response Playbooks

Monday, October 14, 2024

2:55pm – 3:55pm PT

Location: Pompeian I - II

CPE Credits 1

Facilitator(s)

Elizabeth Houser, CISSP CCSP MLIS MS

Director of Cyber Defense
DefenseStorm, United States
James Bruhl

Director of Threat Intelligence
DefenseStorm, United States

Playbooks are an integral component of incident response plans, providing detailed, step-by-step procedures for addressing specific types of incidents, and ensuring standardized and efficient responses. The importance of playbooks lies in their ability to standardize responses, decrease downtime, enhance organizational confidence, ensure compliance and reduce costs associated with security breaches. Effective playbooks, regularly updated and familiar to the team, are key to mitigating the impact of incidents, highlighted by their role in reducing both financial losses and reputational damage.

This discussion will center around incident response (IR) plans and specifically playbooks within an IR plan -- including how teams use them and create them, and what type of incidents they are creating them for.

Learning Objectives:

Standardize methods of responding to various types of cybersecurity incidents as well as handling incidents efficiently, ensuring that critical steps are not missed even when the primary cybersecurity personnel are unavailable.
Reduce downtime and mitigate costs as playbooks equip organizations with a set of predefined actions to swiftly address security incidents, minimizing operational, financial and reputational impacts.
Review, test and update playbooks regularly, as they must evolve with the changing cyber threat landscape and internal organizational shifts.