Watch Now
Join us for an interview with NCCGroup’s Global Head of Digital Forensics and Incident Response, Alejandro Rivas Vasquez, where we learned about the pivotal role Digital Forensics and Incident Response (DFIR) played in safeguarding digital assets and enhancing cybersecurity defences. He discussed mitigating breaches and third-party risks, and the role DFIR played in establishing incident response plans to proactively defend against future attacks.
Key Digital Forensics and Incident Response takeaways
In this webinar, we explored the important role of DFIR, including:
– The role of DFIR in a global organization
– Tools, techniques, and processes DFIR teams use
– DFIR war stories from his time working with finance and oil and gas companies
– The value of continuous dark web monitoring for proactively stopping attacks
Key moments of the webinar
– 03:25 The beginnings of Digital Forensics and Incident Response
– 10:32 DFIR urgency model, from incident response to proactive consulting
– 13:59 What skills and knowledge are needed to work in DFIR?
– 15:25 “Hackers don’t have a schedule” – the risk of out-of-office-hours attacks
– 17:51 “Hackers don’t care about your risk register”
– 18:22 How does DFIR differ from CTI and SOC services?
– 23:29 What tools do your DFIR team regularly use for attribution?
– 25:13 How do you use dark web intelligence in your investigations?
– 26:19 Executive threat in a finance company (exposed PII, family photos, and address)
– 29:30 The value of historical data in identifying breach sources in DFIR investigations
– 37:17 Infostealers and initial access brokers are a major threat to organizations
– 40:55 MFA bypassed. Senior executive compromised in a board meeting
– 44:05 Shifting your mindset; organizations are the victims – regardless or human error
– 44:58 What are the biggest challenges when conducting DFIR investigations?
– 47:53 What should the cybersecurity industry be doing more of to prevent attacks?
– 50:08 What is the most critical thing DFIR teams should regularly test for?
– 54:34 What’s the biggest mistake companies are making with incident response
– 56:40 How can AI revolutionize the cybersecurity landscape for professionals?
Speakers
Alejandro Rivas Vasquez
Global Head of Digital Forensics and Incident Response at NCC Group
Andy Scutt
Channel Sales Manager at Searchlight Cyber
Alex Blackman
Head of Product Marketing at Searchlight Cyber