A mature and tested incident response plan is an often overlooked piece of an organization’s information security strategy. Joey Smith shares insights learned from his experience responding to multiple events including internal investigations and a 2010 Anonymous attack. He’ll outline the key phases of an effective incident response plan, discuss the benefits of keeping an IR firm on retainer and how to justify the spend, and provide advice on how to avoid internal political battles when responding to an event (everyone wants to help but not everyone is helpful). His presentation features real-life war stories and opportunities for interaction.