Why Should You Talk About Incident Response? | Part 4
Learn about containment, eradication and recovery in cybersecurity incident response
Welcome to the fourth episode of our Energy Talks miniseries titled, Why Should You Talk About Incident Response? Join OMICRON cybersecurity consultant Simon Rommer as he explores the different process steps involved in cybersecurity incident response alongside other experts from the power industry.
In this episode, Simon speaks with Stephan Mikiss, who is Head of Managed Security Services at SEC Consult and a SANS-certified forensics analyst based in Vienna, Austria. Simon and Stephan discuss the steps of containment, eradication and recovery in the incident response process and highlight the need for collaboration between IT and OT teams to effectively manage cybersecurity incidents.
Simon and Stephan also explore the iterative nature of incident response, the unique challenges posed by OT environments, and the necessity of understanding both the business model and the attacker's motives to make informed decisions during a crisis.
If you haven’t already listened to Part 1, Part 2 and Part 3 of this miniseries, be sure to check them out:
#85: Why Should You Talk About Incident Response? | Part 1
#95: Why Should You Talk About Incident Response? | Part 2 - OMICRON
#97: Why Should You Talk About Incident Response? | Part 3 - OMICRON
Learn more about OMICRON’s approach to advanced cybersecurity in OT environments:
Cybersecurity in OT environments
“Decision-making processes must be well thought out and documented, but since every incident is different, they must also allow for adaptability.”
- Stephan Mikiss, Head of Managed Security Services
SEC Consult