Despite statements from security solution providers, there is no 100% security possible. Attackers are holding all advantages to choose whom to attack, when and with which means. As a normal attack surface of a company — vulnerable Internet-facing servers, unpatched desktop computers, unencrypted laptops, sub-optimally trained IT personnel, negligent users — is immense, computer security incidents have happened, happen and will continue to happen. Companies and governments must be prepared to quickly, effectively and efficiently detect, contain and mitigate such incidents. This conference should give an overview on the “how”.