From chaos to control: how do organisations react when faced with a security incident?
Moving from lessons identified to lessons actually learned
Welcome back to the mnemonic breakfast seminar. This time at Ambassaden (the former American Embassy in Oslo).
Together with Næringslivets Sikkerhetsråd (NSR), we will share findings and experiences gathered over the last couple of years to explore what to consider when planning your response to security incidents, key takeaways organisations can use to strengthen their detection capabilities, as well as advice on preventing such attacks from occurring in the first place.
Join mnemonic and NSR for breakfast on Wednesday May 7th, to learn about how organisations test their response capabilities against realistic threats and stay prepared for security incidents.
Note that for the first time, we’re taking our breakfast seminar to the new conference center at Ambassaden, the old American Embassy close to Nationaltheatret. The entrance can be found at Løkkeveien (see picture below).
| 08.00-09.00 | Registration and breakfast |
| 09.00-09.10 | Welcome and introduction |
|
09.10-09.40 |
What can we learn from The Norwegian Computer Crime and Data Breach Survey 2024 / Mørketallsundersøkelsen 2024 with Odin Johannessen, Director, Næringslivets Sikkerhetsråd Presentation of findings, trends and recommendations from the Norwegian Computer Crime and Data Breach Survey published in March 2025, mapping the security situation in private and public businesses. The survey is unique in Norway and is an important contribution to mapping the extent of computer crime and IT security incidents, as well as awareness of information security and the use of security measures in Norwegian businesses. Technical level: 1/5 |
| 09.40-10.10 |
Our lessons learned from Incident Response in 2024 with Ole Henrik Paulsen, Senior Incident Responder, mnemonic The mnemonic Incident Response Team (mIRT) is one of the largest in Europe and serves as the front line in analysing and responding to threats targeting some of Europe’s most critical organisations. In this presentation, Ole Henrik will share key observations from 2024, focusing primarily on the exploitation of vulnerabilities, leaked credentials, and adversary-in-the-middle attacks. He will discuss his experiences in handling these incidents and provide advice on preventing such attacks from occurring in the first place. Technical level: 2/5 |
| 10.10 – 10.25 |
Break |
|
10.25 – 10.55 |
Incident Readiness – turning lessons identified to lessons learned with Frederik Myhrer, Senior Security Consultant GRC, mnemonic mnemonic has extensive experience in establishing robust Incident Response systems, and we’ve seen first-hand that an effective readiness framework is not just about technology—it’s about building an organisation that can handle uncertainty without introducing unnecessary complexity. In this session, Frederik shares insights on how organisations can develop an Incident Response framework that not only reacts to incidents but continuously learns and improves. The audience will learn how organisational measures, well-structured processes, and a holistic approach can make the difference between chaos and control when a security incident occurs. Technical level: 2/5 |
|
10.55-11.25 |
Insights from the past years of Purple Team testing with Julie Gundersen, Service Lead Purple Team and Jeanette Kirkerud, Security Consultant, mnemonic During this talk, Jeanette and Julie will share insights from real Purple Team engagements, highlighting where they most often see strong detection mechanisms, and where they typically see gaps. The session will include recommendations on what to consider when planning a Purple Team test, highlight scenarios currently in demand, and wrap up with key takeaways organisations can use to strengthen their detection capabilities. Technical level: 2/5 |
| 11.25 – 11.30 | Closing remarks |