MEGAN KOUFOS
INCIDENT RESPONSE COMPETITION by Megan Koufos, Program Manager at AWSN
For the second year running the Australian Women
in the industry who they may not know. We hope
in Security Network (AWSN) and Retrospect Labs
they come away with an appreciation of the incident
partnered to provide a competition-style incident
response process, and of other areas they could
response exercise for women across Australia
potentially move into.”
working, studying or interested in the sector. Forty-eight teams each with up to five members
The 2022 competition was based on the success
participated in the competition. It started on 7
of the 2021 competition, which saw 100 women
November 2022 and ran for one week.
participate, but had 250 spots available. AWSN had also offered, prior to the competition, a two-
The competition was very timely, coming as it did in
day, hands-on incident response training course
the wake of recent high-profile data breaches suffered
in partnership with Retrospect Labs and with
by major Australian organisations. These incidents
sponsorship from ASD. It enabled 45 women to
highlighted the importance of end-to-end incident
make sure they had the right foundational knowledge
response processes. They showed there is more to
and skills.
incident response than its technical aspects, and they demonstrated the importance of having people with
For the competition teams of up to five participants
diverse skills working together to respond effectively
with mixed skill sets were formed to work through a
to an incident.
scenario that simulated a real-world cyber incident impacting a fictitious organisation.
AWSN Founder and Executive Director, Jacqui Loustau, said the competition had given women
The scenario was designed to test participants’
in cybersecurity from different backgrounds an
incident response skills. It incorporated a number
opportunity to gain hands-on experience of the end-
of common aspects of incident response.
to-end incident response process.
These included forensic artefacts that participants had to analyse to identify various indicators of
“They get to experience the technical side,
compromise, understand what malicious activities
management of the media, dealing with the legal
had occurred and the tactics, techniques and
implications and communicating with executives. It’s
procedures adversaries had used to execute
also a chance for them to meet and work with others
their attacks.
I S S U E 12
WOMEN IN SECURITY MAGAZINE
141
