Name: SCD Systems Division Security Workshop
Start: 2022-01-11T14:00:00+00:00
End: 2022-01-11T17:00:00+00:00
Location: No location set

- 1
  Part 1: Preparation
  - Introduction and Landscape
  - STFC and UKRI position
  - Security Culture
  - Case study, hypothetical "NewService" for "SomeProject"
    
    Before the break, we will make preparations
    
    Always better to start small and build
    
    During the break this service will sadly be compromised
    
    After the break: how do we respond?
  - Risk Assessment
  - Asset management and Service catalogue
  - Patching
  - Hardening
    
    only install what's needed,
    
    know what ports are open and why,
    
    config management
  - Monitoring...
- 2
  Part 2: Response
  - NewService has been compromised!
    
    First steps: Incident Response Procedure
    
    Who do they talk to?
    
    What do they do?
    
    What documentation should someone gather?
  - Case Study: What does an incident look like?
    
    Service view
    
    CSIRT view
    
    Reporting and post mortem