Well, the Rochester Security Summit is in the bag and we had a fantastic time. We met incredible people, learned some new stuff, and gave away a few cool prizes.
The Avalon Cyber team discusses what they enjoyed most about the RSS, what they learned, and more.
JP Midgley, CEO – “What I enjoyed most was the people – the security industry is full of incredibly smart people who all want to support each other and improve what we are able to do to help businesses better protect themselves.”
Kyle Cavalieri, CTO – “Catching up and meeting with colleagues in the industry was my favorite aspect of RSS – and the sessions I attended were great too. I learned more about the difference between Red Teaming and Penetration Testing, which could be a great opportunity for us with our Managed SOC offering that is coming out soon.”
Dan Burke, national director, Avalon Cyber – “One thing I noticed is there’s a lot of noise in the industry. So, it’s important that, when it comes to cybersecurity, people within organizations really understand what issues they are trying to solve and why. They need to know exactly what they need, why they need it, and get validation from their entire team. Most importantly, they need to know if they are capable of running an infosec program themselves versus outsourcing to an MSP/MSSP.”
Michael Byrne, managing partner, Avalon Rochester – “With only a surface level understanding of cybersecurity, I enjoyed meeting all the people who came by the booth and expressed an interest in our service. It was also interesting to speak with Jonathan (Avalon Cyber’s cybersecurity engineer), as he has a deep passion for this service/technology. Even though he already has an extensive background in cybersecurity, he's still excited about learning new ways to solve challenges this industry faces.”
Other highlights of RSS:2019
Our own Michael “Mac” McCartney, president of Avalon Cyber, gave an informative presentation on how to start an incident response plan.
Here are a few takeaways:
- Who you gonna call? – Having incident response experts on retainer is a must-do, but be sure to reach out to your cyber insurance provider to understand how they reimburse for IR expenses, and ask your insurer about lower premiums if you show them a proactive cybersecurity plan.
- Be sure to exercise – When running tabletop exercises, first you need a well-documented plan. It’s critical to involve technical, executive and departmental management, even outside constituents such as your legal counsel. If done properly, the exercise will identify gaps in your IR process, such as communication failures or procedure inefficiencies, and provide specific recommendations for improving processes against your security framework, such as NIST.
- Learn your lessons! – The most important – and most neglected – part of the incident response cycle is the post-incident activity. You were breached. Now, use that info for the future, so it doesn’t happen again. Meet with your IR team, update your threat intelligence, create new security initiatives, and monitor, monitor, monitor – threat actors WILL reappear. Use this new knowledge to better stop cybercriminals next time.
Good news! Michael McCartney will give an encore presentation of his RSS incident response track talk on November 6 at 1:00 p.m. EST. Register today for the "Not Just a (NIST) Phase: Establishing an IR Plan" webinar today!
At Avalon Cyber, we take security seriously. So, we passed out secret codes to RSS attendees that they used to try to unlock a “highly secured” box. Three lucky people won Ring Doorbells to help keep their homes safe and sound. Congratulations! #WinnerWinnerDoorbellRinger
Girls Who Code
Giving back to the community is something we’re 100% passionate about at Avalon Cyber. So, at this year’s RSS, we decided to donate to Girls Who Code, a non-profit group working to close the gender gap in technology.
For each demo of our beta Managed SOC service that was scheduled at the RSS – and for every demo we schedule through November 2019 – we will give $10 to this extraordinary group to help them train volunteers, develop programs, and equip girls for a future in tech.
Wanna help girls – and your business? Browse our services, like KnightVision MDR, Dark Web Monitoring, and Phishing Simulation and Training, and contact us to schedule the demo of your choice. We’ll be sure to add another $10 to our donation!
Everyone at Avalon Cyber is looking forward to RSS:2020! Hope to see you there!