ATLSECCON 2025

The two most important parts of incident response are having a documented plan and a skilled and trained team.  But the next two important things are often overlooked: speed and organization.

As incident commander, would you like to get away from status reports all days and spend your time leading the response instead?
Would you like to spend your tropical vacation uninterrupted by needing to lead incident response?
Would you like improve your team's efficiency and not have every investigator chasing the same shiny thing?

There is a way, and it's easier than ISO or NIST. Come and hear about a better world, where we learn efficiency from firefighters.

Implementing ISO/IEC 27001 effectively can be a transformative step for organizations aiming to enhance their information security posture, or it can become a checkbox exercise with minimal benefit. This session will provide actionable insights into overcoming common challenges in ISO 27001 implementation, including risk assessment, stakeholder buy-in, and leveraging technology. Attendees will learn practical lessons to implement ISO27001 effectively and have a real impact on improving their organization's security. 

Paul will leverage his experience of working with a wide range of organizations globally to provide practical examples of some of the common pitfalls and challenges for people and organizations working towards and maintaining an ISO27001 certification.

The session will cover and give examples of how to complete these required steps:

1. Framework selection
2. Compliance and environment scope
3. Gap assessment
4. Determining objectives
5. Methodology identification
6. Resource requirements
7. 3 P’s development – policy, process, and procedures
8. 3 P’s implementation
9. Monitoring and assessment

Cybersecurity education often neglects the critical role of risk management despite its fundamental importance in protecting data and systems. This presentation argues that cybersecurity professionals need a robust understanding of risk assessment, mitigation, and management.

We will demonstrate a significant deficiency in risk management instruction by analyzing current cybersecurity education frameworks and widely used definitions of cybersecurity. We will discuss the implications of this gap, highlighting how it impacts the security posture of organizations and the professional development of cybersecurity practitioners.

This presentation aims to raise awareness of this critical issue and provide actionable recommendations for educators, institutions, and professionals to integrate comprehensive risk management training into cybersecurity curricula. By bridging this gap, we can cultivate a more proactive and resilient cybersecurity workforce capable of effectively addressing the evolving threats of the digital world.

It is easy to get caught up with the latest flashy tool, but if we are not aligning our activities with risk, then we are not effectively protecting the organization. This presentation talks about the fundamentals of risk, how as IT people we need to keep risk central to our activities, and how everyone on the team has a part to play in managing risk.