The quality and speed of the security personnel investigating and attempting to resolve your incident can make or break the engagement.
Meet one of SecureWorks’ incident responders, Jason Shafferman. Growing up around computers, Jason has been interested in cybersecurity for as long as he can remember and is the “go-to guy” for all things technical among his friends.
After graduating college cum laude with a bachelor’s degree in Forensic Networking and Security, Jason joined SecureWorks as an Incident Response consultant. Every day Jason works with clients across verticals, helping them respond to small-scale incidents as well as large-scale Advanced Persistent Threats. Jason believes it’s important to approach engagements holistically by not only performing the forensics on an incident but also ensuring that the technical findings are clearly communicated in an objective way to less technical people.
I honestly can’t remember the first time I got a computer because it’s honestly been since I was born I’ve been around them. I still am the go-to guy when the computer is broken and my friends are like, “Hey, can you fix this or can you fix that?” It’s what they think I do all day.
So, the easiest way to describe what I do for a living is probably I tell them, you know, I work on credit card breaches. That’s the easiest one. You know, if you see in the news that such and such company had a credit card breach, we’re the ones that are in there doing the forensics to figure out how it happened and kind of try to kick the attacker out. I think one of the most important qualities to be an incident responder - aside from the obvious technical skills that are required - is to be able to communicate with less technical people. A lot of what we do on bigger incidents is going to be communicating with executives in a company that don’t necessarily understand all of the technical details.
A big misconception is that we go in and we push a button and know everything that happened. Uh, you know, it’s more like investigating a crime scene and in fact some of these are – I mean, they’re crimes. And, you know, the logging that is in an environment is important. It’s the equivalent of a camera at a crime scene. It captures everything that’s going on. And having a high level of visibility into the environment is important. But oftentimes we find that clients have blind spots, and sometimes in important areas.
The old approaches to cybersecurity are no longer adequate. It’s time for something new. Layered defenses can create almost as many problems as they solve, and security teams struggle to keep up with the threat. What you need is context across all your layers of defense with the right people, processes, and technology working together in concert. That’s how Secureworks can help. Using 20+ years of industry knowledge, advanced analytics, industry-leading threat intelligence, and the network effect of more than 4,000 customer environments, we provide world-class cybersecurity solutions to customers around the globe. This unmatched experience empowers our customers to be Collectively Smarter. Exponentially Safer.™
Our Managed Detection and Response (MDR) solution is comprehensive, powered by our cloud-native software Red Cloak™ Threat Detection and Response that uses AI and machine learning to deliver better outcomes for your security operations. MDR unifies telemetry from your existing security technology to maximize visibility, reduce complexity, and enable you to move at the speed of the threat. Learn more about how Managed Detection and Response uses contextualized visibility to improve your organization’s security posture.