Agenda

1 min read Advanced Security Topics

Agenda

  1. Opening (10 min)

    • Ground rules
    • Blame-free commitment
    • Meeting objectives

  2. Incident Overview (20 min)

    • Timeline presentation
    • Impact summary
    • Response actions taken

  3. What Went Well (20 min)

    • Quick detection after encryption
    • Effective team communication
    • Business continuity plan worked

  4. What Needs Improvement (30 min)

    • Detection capabilities
    • Initial response time
    • Communication to executives

  5. Root Cause Discussion (20 min)

    • Technical causes
    • Process gaps
    • Training needs

  6. Action Items (15 min)

    • Prioritized improvements
    • Owner assignment
    • Timeline commitment

  7. Closing (5 min)

    • Next steps
    • Follow-up schedule