Episode 322: Incident Response: Strategy and Survival

This episode focuses on incident response, emphasizing that since attacks are inevitable, businesses must prioritize agile management to mitigate economic and operational damage. The experts analyze the 16-hour AWS outage caused by a DNS failure, which disrupted payment systems and was exploited by criminals to launch bank-impersonating smishing campaigns. They also discuss the Jaguar Land Rover attack, which cost nearly £2 billion, likely because the breach affected critical operational technology (OT) systems rather than just IT. Guest expert Antonio Sanz explains that ransomware has evolved into multiple extortion, where attackers steal data, contact clients, and deliberately destroy old-fashioned backups. To counter this, companies must adopt "21st-century backups" that are immutable or resilient against intentional destruction by hackers. Sanz notes that while 1% of firms have vast resources, 90% lack basic awareness, leaving them vulnerable to opportunistic attacks through credential leaks or a lack of multi-factor authentication. Forensic readiness is highlighted as a vital preparation step, ensuring that logs and evidence are preserved to allow for a proper investigation after a breach. Finally, Artificial Intelligence is viewed as a supportive tool for interpreting complex data, though it still requires human oversight to ensure accuracy. Twitter: @ciberafterwork Instagram: @ciberafterwork Panda Security: https://www.pandasecurity.com/es/ +info: https://psaneme.com/ https://bitlifemedia.com/ https://www.vapasec.com/ VAPASEC https://www.vapasec.com/ https://www.vapasec.com/webprotection/