- About FIRST
- FIRST Members
- Global Initiatives
- Special Interest Groups (SIGs)
- Best Practices Contest
- Standardization efforts
- Affiliates
- Events
- Meetings
- Security Library
- Newsroom
Tuesday — October 16th, 2007 16:50
Nearly everyone will agree that cyber exercises are valuable, but regardless of the planning, effort, and resources committed to them, most exercises produce the same results, including the same errors, and real-life events demonstrate that we still aren't getting the process of exercises quite right. Based on his experiences with multiple cyber exercises (large and small), his involvement in critical infrastructure protection working groups, and his experience with incident response and handling corporate reactions to disasters such as Hurricane Katrina and the London Underground Bombings, the presenter will enumerate notable successes of cyber exercises, describe areas for improvement, and provide items for the attendee to consider when evaluating his or her own exercise planning, execution, and results.
James N. Duncan (BB&T Corporation, US) 
James N. Duncan, CISSP, is the Cyber Security Incident Response Team Coordinator for BB&T Corporation, currently the 11th largest domestic financial holding company in the United States. His constituency extends over 34 subsidiaries and nearly 30,000 employees in eleven states providing nearly every imaginable financial service from traditional banking, wealth management, and investments, to insurance, payroll management, software development, and ASPs for other financial services companies. The bank's web presence, bbt.com, has received numerous awards for excellence in on-line banking.
Previously, Jim Duncan worked at Cisco Systems where he provided incident response team support within the Critical Infrastructure Assurance Group, acting as technical liaison for various ISACs and government agencies (US and others), and was the team lead for the Cisco Product Security Incident Response Team, handling vulnerabilities in Cisco products from initial report to final composition and publication of a security advisory. Prior to that, he was employed as network engineer and principal systems administrator in various departments at the Pennsylvania State University.
In between, Mr. Duncan developed one of the first tutorials focusing on developing incident response teams way back in 1996 (with Rik Farrow for the USENIX Association), served a two-year term on the Steering Committee/Board of Directors of the Forum of Incident Response and Security Teams, and became an approved TRANSITS instructor, teaching several TRANSITS classes around the globe.
Jim is also a soccer referee, certified by the United States Soccer Federation, US Indoor Soccer, and the North Carolina High School Athletic Association, and has officiated many hundreds of matches in the last four years.
He is in wide demand on multiple continents as a speaker and instructor (and referee).
Copyright © 1995 - 2013 by FIRST.org, Inc.
