Discover and read the best of Twitter Threads about #DBIR
Most recents (2)
I received an early copy of this year’s Data Breach Investigations Report (DBIR) by @VZDBIR because I'm such a thot leader so I wrote a post with my thots and hot takes about it: kellyshortridge.com/blog/posts/kel…
thread of tl;dr snippets for mortals with no attention span:
thread of tl;dr snippets for mortals with no attention span:
Yet again, the #DBIR data shows 94.6% of breaches are financially driven.
It's reminder for us to invest in security that addresses reals rather than feels; and a reminder that the best way to hurt attackers, whether at local or macro scales, is to poison their ROI.
1/N
It's reminder for us to invest in security that addresses reals rather than feels; and a reminder that the best way to hurt attackers, whether at local or macro scales, is to poison their ROI.
1/N
Pretexting doubled this past year per the #DBIR! Attackers are using employees' email access to insert themselves into existing threads to ask a target victim to perform some sort of task.
I find this funny because I spend a lot of effort avoiding being in email threads...
2/N
I find this funny because I spend a lot of effort avoiding being in email threads...
2/N
It is likely not a coincidence that Verizon #DBIR chose CIS Controls for mapping safeguards associated with breach patterns. enterprise.verizon.com/resources/repo…
@CISecurity demonstrates how the controls map to the all important ATT&CK that is as relevant/actionable to security risk management as anything out there. cisecurity.org/controls/cis-c…
(Image recreated)
(Image recreated)
It is certainly not a coincidence that this letter calling for an overhaul of #HIPAA #Security #regulation and #enforcement recommends CIS Controls as the guidance framework. bit.ly/2JZPHe6
