Course Description

Incident response often means discovering that what looked good on paper may not look as good in practice. No matter how much you prepare, nothing beats experiencing an incident to highlight where you could have been better prepared. This presentation combines theory and practice for a review of best practices in IR, with the major focuses being lessons learned from real-life incidents and gaps in documentation exposed through tabletop exercises. The presenters combine their more than 20 years of IR experience to list some common gaps and provide guidance for incident preparation. 

Course Curriculum

  • 1


    • Presentation

    • Slides

    • Transcript


(Click arrow to see Jon Sternstein's bio)

Senior Cybersecurity Consultant, Agio

Eva Lorenz

Eva has more than ten years of experience in IT Security, in both the compliance and technical areas. Starting at a large organization, she handled both policy development and regulatory compliance before switching to a focus on network security and incident triage. Now a consultant with a focus on penetration testing, she still answers client questions on incident response as a vCISO. For more information about Agio, visit

Founder & Principal, Stern Security

Jon Sternstein

Jon is the author of the Cisco Press course titled Security Penetration Testing (The Art of Hacking) Live Lessons. He co-chairs the NCHICA IT Ops Strategy Roundtable. Jon graduated with a B.A. in Computer Science and holds many security certifications including: GIAC Penetration Tester, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker. He has been a featured Cyber Security Expert on ABC News, WRAL News, and Business North Carolina Magazine. For more information, visit

FREE to NCHICA Members

If you are an NCHICA member, click the button below to login to the NCHICA member portal and get your coupon code to use at checkout.