Black Hat USA Registration Black Hat USA Registration Black Hat USA Briefings Black Hat USA Briefings Black Hat USA Training Black Hat USA Training Black Hat USA Schedule Black Hat USA Schedule Black Hat USA Sponsors Black Hat USA Sponsors Black Hat  USA Special Events Black Hat  USA Special Events Black Hat USA Venue Black Hat USA Venue

On This Page

Crisis Management

Peak Security | July 29-30



Ends May 31



Ends July 24



Ends July 30


Your organization spent hundreds of thousands of dollars to deploy extensive defenses against all perceivable computer attacks and threats. However, the unthinkable has happened; your network was hacked and sensitive data was stolen from one of your critical servers. Many questions race through your mind; are more systems breached, are the hackers still in my network, how do I get rid of them, and what do I tell my bosses or worse yet our clients? Whether you are a system administrator, a chief security officer, a non-technical manager or the chief information officer, once your network is compromised, you will be tasked with new found responsibilities that are unfamiliar, challenging, lack concrete direction and generally force most people out of their comfort zone.

Good management skills and decisive leadership determine the success of incident responses more so than the technical skills of employees or the promises of vendor solutions. This practical course aims to develop incident response leaders who can plan, respond and execute a successful incident response with little or no impact to the organization. Topics are reinforced through participation in various incident response scenarios. In order to better grasp the challenges faced by different incident response disciplines, student scenarios cover various situations that offer experience from the perspective of technical staff, line managers and even the CIO.


What You Will Be Provided With

What You Should Bring


Paul Criscuolo (CISSP) has been involved in the Computer Security Industry for over 15 years, with the rare distinction of having export experience in both the defensive and offensive aspects of INFOSEC. He was involved with the Computer Incident Advisory Capability (CIAC) working incidents for the Department of Energy (DOE). Paul was the Incident Response and Intrusion Detection Team lead at Los Alamos National Laboratory, writing a number of intrusion detection tools that have resulted in technologies licenses from the DOE, and created technology startups with those licenses. He has also consulted with Fortune 500 companies, assisting in incident response and recovery. Paul has presented at a number of conferences, written papers, and instructed training seminars about network security and incident response. Paul is a published author, and has been interviewed as a security subject matter expert for CNN.

Russ Rogers (CISSP) is a recognized name in the security industry, having over 20 years experience in information security, and well over 25 years experience in information technology. He has been published in roughly 20 different books on information security, been interviewed for CNN as a subject matter expert, and published in multiple other publications (print and media). Mr. Rogers background includes experience at the National Security Agency, Defense Information Systems Agency, US Air Force, Department of Energy, Department of Interior, and other Federal and Department of Defense Agencies. Russ has been a featured speaker and trainer around the country, and in countries around the world, including Singapore, Japan, the Netherlands, and Brazil. Mr. Rogers has his Master's Degree through the University of Maryland, and is a Certified Information Systems Security Professional (CISSP). Russ is currently the Professor of Network Security for the University of Advancing Technology (, in Tempe, AZ.

Greg Miles (Ph.D., CISSP, CISA) is an experienced security consultant with over 24 years of information technology and security experience. He is a United States Air Force Veteran and has served in military and contract support for the National Security Agency, Defense Information Systems Agency, Air Force Space Command, and National Aeronautical and Space Administration supporting world-wide security efforts. Greg has planned and managed Computer Incident Response Teams (CIRT), Computer Forensics and INFOSEC training capabilities. He has worked with security for Industrial Control Systems and SCADA system. Greg has been published in multiple periodicals to include "The Security Journal" and "The International Journal on Cyber Crime". He has co-authored four (4) books and has been a technical speaker on an international basis. Greg is a network security instructor for the University of Advancing Technology (UAT) and a student thesis/dissertation advisor for UAT and Colorado Technical University

Mark Carey (CISSP) has been involved with the Computer Security Industry for over twenty years. He has pioneered techniques and written a number of exploits. Mark has presented on Information Security topics for The United States Army, The United States Air Force, NASA, and several Corporations in the United States and UK; including Sun Microsystems. He has worked for several major Midwestern banks, insurance companies, and credit unions, as well as a brief engagement writing video games. Mark is currently employed as a technology and technique developer and penetration tester for a Federal agency, and as a freelance consultant upon occasion. Mark is also a published author, and is a well known hacker/programmer within the industry with specific expertise in reverse engineering and exploit development.