Topic: Enterprise incident response preparation for the Cloud
Hosted by the AISA Sydney Branch, please join Josh Lemon, who is the Managing Director at Ankura and Instructor and Co-Author at the SANS Institute, for an online presentation discussing how to prepare your enterprise for incident response in the Cloud.
Similar to traditional IT environments, hackers are using cloud environments as entry points to infect, harm, and disrupt business operations. Threat actors know that critical data may be duplicated to poorly protected or unsupervised cloud environments. Knowing what to do during an attack and preparing teams for incident response can be the difference between an incident quickly contained and resolved, and a multimillion dollar disaster.
In this webinar, we will explore how your organisation can address cyber security incidents in the cloud as well as cover the following topics:
- An overview of Azure, Amazon Web Services and Google Cloud Platforms
- An understanding on what evidence exists in the Clouds
- Knowledge of what your limitations are for Cloud investigations
- How to better leverage the Clouds for incident response
Participants will have the opportunity to ask questions. This webinar will be recorded and the recording will be made available to registrants.
Josh Lemon is a Managing Director at Ankura, leading their APAC Digital Forensics and Incident Response practice in Australia. Josh assists government and commercial clients with sophisticated compromises, maturing their cyber defence and response programs, and threat hunting for malicious adversaries. He is also a co-author for the SANS Institute’s “Enterprise Cloud Forensics” (FOR509) and “DFIR NetWars” courses and teaches the "Advanced Incident Response and Threat Hunting" (FOR508) and the "Advanced Network Forensics" (FOR572) courses.
Josh has over a decade of experience in the incident response and digital forensic industry, he previously worked as a Director at Salesforce.com in their international Salesforce Security Response Centre (SSRC), where he headed up the team responsible for looking at new cutting-edge ways to approach incident response at scale. He has also held the role of CSIRT Manager for the Commonwealth Bank of Australia, and as a Managing Consult for BAE Systems Applied Intelligence where he was responsible for all technical cybersecurity services for the Asia Pacific region, including, overseeing large and complex incident response and offensive security engagements.
This webinar is free and only available to AISA Members, please click on the registration link below:
Not an AISA member? To become an AISA member you can join here
For any queries regarding this event, please contact AISA Event & Sponsorship Manager, Susanna Palermo via email [email protected] or visit our website www.aisa.org.au
Date: Thursday 28 April 2022
- 12:00pm - 1:00pm AEST (Brisbane, Canberra, Melbourne, Sydney & Hobart)
- 11:30am - 12:30pm ACST (Adelaide)
- 10:00am - 11:00am AWST (Perth)
Participate in the webinar:
- Please note that you will need to register in Zoom and provide a valid email, so that you can receive the unique registration link to log into the webinar
- Use this link and ensure you logon to the webinar at least 5 minutes prior to the start time
- You will require a strong and stable internet connection
- It is recommended you use a headset or headphones so you can hear the presentation
- A recording of the live session will be available for registrants after the event
AISA presentations are intended for educational purposes only. Statements of fact and opinions expressed are those of the participants individually and, unless expressly stated to the contrary, are not the opinion or position of AISA, its sponsors, or its partners. AISA does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented. Attendees should note that sessions may be recorded and published in various media, including print, audio and video formats without further notice.
AISA has evaluated the use of Zoom based on the Traffic
Light Protocol which was facilitated for greater information
sharing. AISA webinars are considered TPL White as the information
contains minimal or no foreseeable risk of misuse. In addition AISA has evaluated the
use of Zoom for this purpose as aligned to ACSC
Web Conferencing Security, April 2020, see link at https://www.cyber.gov.au/publications/web-conferencing-security
and has implemented controls to minimise risks. You are required to register for the webinar via the Zoom