In Providing Resilience: How PacketWatch and Expedient Transform Incident Response, AJ Kuftic from Expedient hosts cybersecurity veteran Jeff Lennon of PacketWatch to tackle the complexities of modern incident response. With over 25 years in tech and deep experience in cybersecurity, Jeff brings valuable insights into how PacketWatch, an MDR provider partnered with CrowdStrike, elevates threat detection and response through advanced tools like full packet capture (FPC) and constant threat hunting.

They delve into the essential steps of incident response, beginning with rapid identification, classification, and containment of threats. Jeff explains common cyberattack types, including ransomware, business email compromise (BEC), and zero-day vulnerabilities, each demanding unique approaches. The duo emphasizes the necessity of proactive preparation, such as tabletop drills, to ensure companies can respond quickly and effectively when a breach happens. Jeff further illustrates the vital integration of disaster recovery with incident response, noting that simply restoring from backups can reintroduce threats if attack origins aren’t thoroughly isolated.

A key takeaway from the conversation is the need for resilient systems that enable businesses to "respond, recover, and rebuild." This episode is packed with insights for IT leaders seeking to enhance their incident response and disaster recovery strategies, empowering them to not just react but build resilience against evolving cyber threats.