CypherCon 2024

Protecting Our Critical Infrastructure One State at a Time

Chriss Hansen


The Wisconsin Cyber Response team: We are a volunteer group that helps with cyber incidents across the state of Wisconsin. We help with State, local, tribe, and territories (SLTT’s) in the case of a cyber attack. They reach out to the Wisconsin Emergency Management hotline and a team of volunteers across all different organizations assembles to help defend and remediate against threat actors.We have helped schools, hospitals, and other public entities. Attacks range from phishing, defacing of public websites, and even ransomeware.As part of the organization I help train other individuals on how to be a better incident responder with the toolsets they are given by their organization. I try to share what we do at NM (techniques and experience) to guide them through building up their own security teams at their respective jobs.

This talk is: Collaborative Incident response on Critical Infrastructure

Summary: We will be diving into a state sponsored/backed Cyber Response Team who are all volunteers in a time of need. We will cover how to prepare, train, develop playbooks, and get your team and stakeholders ready for any incident that comes.
We will hint at an open source framework we are developing to help build teams/analysts more effectively and timely (with metrics) and will talk about how we have saved schools, hospitals, banks, public services, ICS, and all manner of Critical infrastructure from threat actors: and how you can too!I will be diving into what is the group, why each state should have their own, why a group like this helps build the altruism across the industry, and how I helped train incident responders at NM/CRT and our new techniques to do so

Chriss Hansen

Critical Infrastructure!

DFIR Engineer at Northwestern mutual, volunteer firefighter, and volunteer Incident Responder with the Wisconsin Cyber Response Team.