BIO
Dr. Catherine J. Ullman is a security researcher, speaker, and Senior Information Security Forensic Analyst at University at Buffalo with over 20 years of highly technical experience. In her current role, Cathy is a data forensics and incident response (DFIR) specialist, performing incident management, intrusion detection, investigative services, and personnel case resolution in a dynamic academic environment. She additionally builds security awareness amongst faculty and staff via a comprehensive department-wide program which educates and informs users about how to prevent and detect social engineering threats, and how to compute and digitally communicate safely. Cathy has presented at numerous information security conferences including DEF CON and Hacker Halted. In her (minimal) spare time, she enjoys visiting her adopted two-toed sloth Flash at the Buffalo zoo, researching death and the dead, and learning more about hacking things to make the world a more secure place.
ABSTRACT
Threats surround us like a ring of burning fire. Unfortunately, incident response doesn’t come naturally to an operational mindset where the focus tends to be on reactive problem solving. As a volunteer firefighter for over twenty years, investigatorchic has learned a lot about what is and isn’t effective. There are surprising parallels between fighting real-life fires and the fire-fighting that passes for today’s incident response. For example, striking a balance between swift response and patient reflection is often the difference between life and death, in a very literal sense for the firefighter and a figurative sense for the security professional. It’s also all too easy to get tunnel vision and focus on the wrong areas, costing precious time. The security world is full of dumpster fires these days, so join this session to learn from a good firefighter what makes a good security person.