From New School of Information Security to Incident Response

The SANS Forensics and Incident Response Summit is just around the corner. Judging by the agenda it's going to be the best event for forensics and IR professionals for 2009.

Of course, I'm biased. Rob Lee, SANS' lead author for the forensics track invited me to be a panelist for the Summit several months ago. He posted a list of questions that we should be prepared to answer during the incident response panel and gave us the option to come up with our own question based on the Summit's theme.

In a nutshell, the theme of the Summit is that over the last decade forensics and incident response have advanced greatly due to new tools and techniques. What are the new essential tools and methods that incident responders must have or use.

Again, I'm paraphrasing the theme.

From there, I'll be jumping back 100 years, to look at a then emerging high tech field and some highlights (or rather low points) from it's first 50 to 60 years. To see what lessons it might offer us and how those lessons relate to Adam Shostack's and Andrew Stewart's book, The New School of Information Security. Oh, and I've got five minutes to do it so I'm gonna talk fast.

Aside from those five minutes, the Summit is going to be filled with legends in the field(s) and I'm really looking forward to hearing what they have to say.

The Summit is in two weeks and it's going to be amazing. Here's the registration link. Come and join us.