Incident response is foundational to every security program, yet many companies still struggle with adoption and testing.

At Blackhat 2004, the founder of Red Cliff Consulting presented a talk titled “The Evolution of Incident Response”. He enumerated the top challenges of incident response at the time which were 1) Increasing complexity and sophistication of computer attacks  2) Incident response methodologies and technologies need to evolve and address emergency threats and 3) Pre-incident preparation is as critical as any other proactive security measures. Back then, companies were just starting to deploy internet connected systems, 56k modems were standard. Windows XP was the dominant operating system, Symantec and McAfee were the largest antivirus vendors on the market and DHS had just announced the need for the government to invest in cybersecurity. Threats of the time were focused on  banking and financial systems, and consumers were seeing fast spreading worms such as Mydoom, Sasser and Beagle.