The Pillars of Continuous Incident Response

Presented at BSidesIndy 2018 by

I. Introduction (5 minutes)
   A. Background, Experience, & Disclaimer (2 min)
      1. Former Law Enforcement (10 years)
      2. Former Adjunct Faculty
      3. TEDx Speaker
      4. Team Leader, Incident Response for Fortune 100
   B. Easy Button (3 minutes)
      1. Train how you’ll fight, because you’ll fight how you trained.
      2. Does your organization, or customer/client, even have an Incident Response Plan?
      3. How many InfoSec hats do you wear in your organization?
         a. During your InfoSec career, everyone has responded to an incident.
         b. Defining your role
      4. Reassuring the organization and strategic long-term goals
         a. Be the calm, reassuring voice
         b. InfoSec Speak / Exec Speak

II. Main (30 minutes)
   A. Incident Response Plan (10 min)
      1. IR Plan Framework
      2. CSIRT
      3. Reporting, Classification, and Response
   B. Communication Rhythm (10 min)
      1. Coordination of Internal Communications
      2. Coordination of External Communications
      3. CSIRS Communications Template
   C. Table Top Exercises (10 min)
      1. Testing your Incident Response Plan
      2. Types of Table Top Exercises
      3. After Action Report

III. Closing (5 minutes)
   A. Plan
   B. Communicate
   C. Test

IV. Q & A (5 minutes)