1. Incident Response In the Cloud

2.  CEO of BH Consulting – Independent Information Security Firm  Founder & Head of IRISSCERT – Ireland’s first Computer Emergency Response Team  Special Advisor on Internet Security Europol's CyberCrime Centre (EC3)  Adjunct Lecturer at University College Dublin  Expert Advisor to European Network & Information Security Agency (ENISA)  Regularly comments on media stories –  BBC, Forbes, Bloomberg, FT, Guardian, Sunday Times Who Am I?

3. Business View of Cloud Computing

4. Vendors’ View of Cloud Computing

5. Security View of Cloud Computing

6. Stuff Happens

7. Cloud Security Alliance’s Notorious Nine Data Breaches Data LossAccount Hijacking Insecure APIs Denial of Service Malicious Insiders Abuse of Cloud Services Insufficient Due Diligence Shared Technology Issues Source: https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf

8. Cloud Security Breaches

9. Fatal Cloud Security Breaches

10. Traditional Incident Response DetectContainEradicateRemediateRecoverReviewCommunicate

11. Traditional Incident Response

12. Cloud Incident Response

13. Cloud Incident Response – Acquiring Evidence

14. Where Are Your Data?

16. Change of Mindset

18. Same IR Principles DetectContainEradicateRemediateRecoverReviewCommunicate

19. Engage Early with the Business

20. Ensure IR Requirements in T&Cs

21. Establish Team Information Security Operations Human Resources Legal Public Relations Facilities Management CSP

22. Establish Relationships

23. Agree Roles & Responsibilities

24. Agree Policies & Procedures

25. Agree Jurisdictional Issues

26. Agree Disclosure Rules

27. Put Notification Rules in Place

28. Set Up Alerting Mechanisms

29. Ensure Access to Key Logs

30. Other Alerting Mechanisms

32. Practise, Practise, Practise ….

33. Agree Testing

34. Review & Measure

35. Questions Brian.honan@bhconsulting.ie @BrianHonan