Incident Response with Empathy

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Matthew Zorich, a Principal Consultant with Microsoft Incident Response. Sherrod and Matt discuss his motivation for creating accessible and open-source forensics tools and resources for entry-level forensics, aiming to guide those without extensive resources. They also examine the importance of helping smaller businesses and individuals understand and practice incident response and forensics, considering the potentially devastating impact of cyberattacks on them. Matt also emphasizes the importance of knowledge sharing and practical experimentation in incident response and identity forensics to help individuals and organizations better defend against cyber threats.      In this episode you’ll learn:       The challenges of identity-based forensics  Tactics threat actors use to compromise accounts without raising suspicion  The importance of distinguishing personal and work identities when assessing threats     Some questions we ask:      Why is it important to distinguish personal and work email from a threat perspective?  How do you protect essential accounts in a large organization?  Would you consider text messages as a reliable method to enhance security?     Resources:   View Matthew Zorich on LinkedIn   View Sherrod DeGrippo on LinkedIn     Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks           Discover and follow other Microsoft podcasts at microsoft.com/podcasts  Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of The CyberWire Network.