Thursday, July 22, 2021

Episode #56 You Got Breached, Congratulations.

You Got Breached, Congratulations. 

You’re NOT a special snowflake
You can’t go round pouting
You don’t need to find anyone to blame
No, the Russians probably didn’t do it
No, I don’t need tagging in the post
Yes, likely you DO need to change some things
No, you probably couldn’t have stopped it
Yes, you could have likely detected it sooner
Yes, you could probably have remediated it faster
No, don’t you DARE blame the users!
No, your annual training for 30 mins isn’t effective (it sucks)
Yes, you can recover from it (hopefully)
No, it won’t kill you JUST yet, wait a few more years though…
More budget? Stop whining and spend what you have wisely
Yes, it means you have to roll up your sleeves
Yes, interns or apprentices can help remediate this
Yes, get off your ass, it got pwned, get over it
No, you’re still NOT a special snowflake.

You’re JUST like all the other breaches
You can sit down and plan
You should go look in the mirror
You likely did it to yourself, we’ll get to that.
Yes, you can reach out for help and advice
NO, you don’t need to buy everyone’s cyber-crap
NO, everyone’s cyber-crap isn’t going to stop it either
YES, it would be good to know what you actually have
YES, it would be great to know WHERE your data IS
Yep, IF you can track it back, it probably starts on a user’s machine
Yes, ongoing education HELPS (doesn’t fix, but helps)
Yes, you can recover from it (get the basics in order)
Yes, we are working on hacking the chips in humans, fun eh?
Nope, don’t expect more money, so work smarter
Yes, it means you can now get your house in order, good!
Yes, you can probably justify headcount but save $$ and get folk TO train
Yea, it sucks, sorry, but it’s the way of the new world.
And no, you’re not special, you CAN however be a good example.

Get the basics sorted out BEFORE your ass is delivered TO you on a silver platter

* Assets, what do you have?
* Assets, where are they?
* Who’s got access to them, and why?
* What DO they do, what is their purpose?
* What’s on them?
* Which ones do you need to care about?

Got it? Good, now go get a cuppa tea or coffee and go deal with it…. I’m going to go make breakfast.

‘all for now


All this and more tonight on the Security Shit Show.
10 pm Central, 21:00 Mountain
