This session walked through the actions taken by various parties throughout a company during a ‘Live Fire’ data breach incident drill. In this drill, a threat intelligence vendor notified the Company’s Threat Intelligence department, through established communication lines, that customer data was for sale on the Dark Web.
Constance Snelling – Co-Presenter
Constance has worked in Risk Management and Internal Audit functions for 17+ years. Her current areas of focus have been providing oversight at the behest of the Risk Committee, creating a risk oversight framework, and providing challenge to first line function’s risk mitigation for IT, Information Security, and Third Party risk. Prior to her current position, Constance worked for Deloitte as a Manager in the Audit and Enterprise Risk Services practice. Her time with Deloitte was focused on providing services to healthcare, manufacturing and consider products clients. She gained experience leading IT and business process audits for mid-size clients, assessing Sarbanes-Oxley compliance efforts and performing SOC reports. Constance holds a Bachelor of Arts in Accounting, with a minor in Finance, and Master of Science in Accounting & Information Systems from Michigan State University. Her professional certifications include Certified Public Accountant (CPA), Chartered Global Management Accountant (CGMA), Certified Information Systems Auditor (CISA), and Certified Information Systems Security Professional (CISSP). The views expressed in this presentation are her own and may not reflect those of her employer.
Bryan Murphy – Co-Presenter
Bryan Murphy has worked in Information Security for over 20 years and holds seven professional certifications including; CISSP, certified intrusion analyst, forensic analyst, and incident responder. He has worked in most verticals from small to midsize software development shops, and higher education, to the Department of Defense. His current role is DFIR (Digital Forensics and Incident Response) Manager at a large financial services company. In his free time, he enjoys spending time with family, gaming, and creating handmade pens. The views expressed in this presentation are his own and may not reflect those of his employer.