Beyond Playbooks: AI and Automation in Modern Incident Response

Thursday, October 30, 2025

10:30 AM - 11:30 AM CT

Location: Volunteer D

CPE Credits 1

Speaker(s)

Parul Khanna, CISSP, ISSAP, CCSP, CSSLP, CISA, CISM, CRISC, CDPSE, CCSK

Director, Technology Governance and Control
Manulife, Canada

As cyber threats evolve, traditional incident response (IR) playbooks are no longer enough. This presentation explores how AI-driven automation is revolutionizing IR by enhancing detection, accelerating containment, and reducing dwell time. Through real-world case studies, this presentation will examine how AI-assisted threat hunting, SOAR (Security Orchestration, Automation, and Response), and machine learning-driven anomaly detection outperform manual response. The session will also address challenges such as AI biases, false positives, and the need for human oversight. Attendees will gain actionable insights on integrating AI into IR workflows, leveraging automation for rapid decision-making, and striking the right balance between technology and human expertise—ultimately enabling faster, smarter, and more resilient incident response strategies.

Learning Objectives:

At the end of this session, participants will be able to define AI-driven automation in incident response and explain how it enhances detection, containment, and dwell time reduction through real-world case studies.
At the end of this session, participants will be able to identify key use cases for AI and automation in threat response, such as threat hunting, malware analysis, and phishing response
At the end of this session, participants will be able to describe the challenges of integrating AI into IR workflows, including AI biases, false positives, and strategies for balancing automation with human oversight.