I’ll DFIR to You: Getting Back to the Foundations of DFIR

In this industry, we’re all chronically online, and so we’ve probably all seen that inspirational image floating around about “choosing your hard.” It’s mostly about marriage, debt, and communication, but the concept applies to our work digital forensics and incident response. How hard do you want your job to be if you don’t apply the basics before a breach occurs? How hard should it be after the dust settled? 

We’re heading back to basics in this upcoming presentation with our panel of experts. We’re all aware that “the threat landscape is changing rapidly,” but how many of us have stopped for a breath to observe if our security practices are built on a solid foundation? If you’re unsure, the answer is, it’s probably not. The good news is we can work to change that. 

This presentation will cover the PICERL Model (preparation, identification, containment, eradication, recovery, and lessons learned) in reviewing the foundations of a DFIR (Digital Forensics and Incident Response) which are crucial for effectively managing and mitigating cybersecurity incidents, yet they are often forgotten or overlooked.