2026-04-25 –, Seminar Room 1
The first hour of incident response is often the most important. It’s the point where initial contact is made and an effort to make sense of events begins. But it's also where early mistakes can turn a contained issue into a full-blown crisis.
This talk focuses on how to manage that critical window and avoid common pitfalls. Especially where multiple systems, stakeholders, and streams of information all demand attention at once.
We’ll explore the pitfalls that slow teams down and show how a simple framework can help keep order.
Using case studies and lessons learned from the field, this session highlights how the first 60 minutes set the tone for the entire response, and how to ensure that tone is calm, structured, and effective.
The first hour of incident response can set the course for everything that follows. This talk explores how to bring structure to that hour. Drawing on real-world incidents, it considers both the human and technical challenges, whilst also considering the complexity of working across a range of platforms. Against that, a practical framework is proposed to keep teams aligned when it matters most.
Attendees will leave with concrete lessons and a first-hour playbook they can adapt to their own environment, giving them confidence that their response will be sharper, calmer, and more effective when every second counts.
George Chapman is a senior security consultant with a background spanning red teaming, incident response, penetration testing, and vulnerability research. A CVE-credited researcher (CVSS 9.8 Critical and 7.8 High), George's work bridges offensive and defensive disciplines, enabling him to deliver robust security evaluations and strategic guidance that help organisations identify weaknesses and improve their overall cyber resilience.