Lessons in Incident Response (with Ben Shipley)
ADVANCED PERSISTENT SECURITY PODCAST
GUEST: Ben Shipley
NOVEMBER 28, 2016
If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.
NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers
Lessons in Incident Response (with Ben Shipley) SHOW NOTES
This week, we discuss Adult Friend Finder’s data breach in the news segment. We draw parallels with Ashley Madison and contrast it with PornHub and the Security of Porn Blog post.
Next, we discuss the possibilities of how and why as well as the magnitude to society. We also examine follow-up mitigations for the future and derail the conversation into password managers.
In this segment, Ben talks about a time that he “Cried Wolf” per se in an incident response effort. He called in more resources and ended up overkilling the situation. In the end, it was an incident, so no harm, no foul. Joe shares a couple of anecdotes of his own blunders in times past. A time when Joe misidentified Dropbox as Trin00 popped up as well as the time he did group policy wrong and tried to reboot a domain controller with a USB hard drive attached, completely killing all web presence for the organization. Information Security is as much about learning as it is doing.
We do something a little different in this segment. We do a “belly aching” segment where we talk about what is bothering us from an information security perspective. Joe is bellyaching because a pharmacy did not allow him to opt out from them selling his data. Ben is bellyaching about a similar situation. They both converge and bellyache about in-store surveys and the OSINT perspective as well as data handling and motives.
Ben Shipley is an undergrad majoring in Information Technology with a focus in Information Security & Assurance. He currently works in Incident Response for a globally recognized Security Solutions Provider. He is also passionate about consumer-data privacy, threat-intelligence, as well as foreign affairs.
PASSWORD BLOG LINKS:
WI-FI BLOG LINK:
Joe’s Blog on Tripwire:
Joe’s Blogs on Sword & Shield Enterprise Security’s site:
Joe’s Work with WATE 6 News in Knoxville, TN:
Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.