Frank McGovern
Cybersecurity @ Fortune 100’s ● @BlueTeamCon Founder ● Gamer ● Auto Enthusiast ● Real Estate Investor ● Financial Freedom Bound
May 11 12 tweets 5 min read
“Protect Your Most Sensitive Users With The One Weird Trick” by @dotdotdotHorse of @TrimarcSecurity at @bsides312.

We’re gonna talk about…

THE PROTECTED USERS GROUP- THE PUG

Too many people know about it. Not enough actually use it. In his experience, only a single percentage of orgs actually use it.

The best thing about the Protected Users group is that it’s FREE.99!
Jan 14 14 tweets 3 min read
CISO Risk Dumpster Fires: SEC Turns Up the Heat by Liz Wharton (@LawyerLiz), Danette Edwards, and Cyndi Gula (@cyndi_gula) at @shmoocon.

As always, “put nothing in writing that you don’t want to see in a disposition.”

🧵 Pointed out how interesting it is that the one between Caesars and MGM that had a smaller breach word vomited into their 8K while the company with a much larger cost gave 3 sentences.

Caesars: investor.caesars.com/node/33686/html

MGM: d18rn0p25nwr6d.cloudfront.net/CIK-0000789570…
Jan 13 9 tweets 2 min read
Intel is a Fallacy, But I May Be Biased by Andy Piazza (@klrgrz) at @shmoocon.

Most companies aren’t using Intel properly. Most people aren’t reading the reports.
Most aren’t using it properly.

“Words matter.” Title has irony in it.

Intent and Capability is what will be the focus.

Fallacy 1 - “Targeted Activity”

Spectrum:
- Target of opportunity
- Targeting an industry?
- Targeting a specific company?
- Targeting a specific user/role?

Derivative reporting changes the intent. Something based on another source.
Nov 15, 2019 10 tweets 4 min read
I recently conducted a business case analysis presentation around implementing a GRC tool in our org over the current use of Excel and a few other tools to get things done. While I can't share the entire slides, I decided to share some to help those of you also trying. 1/10

Here is the overall agenda. I can show you the example use case scenarios, but I can't share the current workflows/future workflows. So make sure you show them the current way you perform actions and explain what is coming and the problem that GRC software will solve. 2/10
Aug 15, 2019 17 tweets 3 min read
At a discussion today on cyber litigation and what you can do to reduce your cyber legal risks. Almost every breach today comes with a lawsuit or lawsuits. And it’s only growing.

Everything you do, you are producing evidence for when you get breached that will be used against you by prosecutors.