AGorecki

More great work coming out of X-Force. Today we released new research indicating ITG23 (Trickbot, Wizard Spider, Conti) has shifted it's scope to now include Ukrainian targets for at least 6 campaigns during which they deployed various malware and tooling. https://t.co/B3LFmQvtT8

I'm excited to announce that Christ Scott and I partnered with CISO DRG Publishing to publish a book on cyber crisis response. https://t.co/63OONVgEjN

Excited I will be speaking at this year's ISC2 Security Congress in Las Vegas in October. I received a formal notification from ISC2 that my talk entitled "Taking a threat-centric approach to building cyber resiliency" has been accepted and placed on the main program agenda.

Figured this was the case but after spending weeks reading IR reports, now I know for sure. We've investigated exactly 1 successful enterprise-wide ransomware attack where the client had MFA/PAM on privilege accounts since 2019

For those who can happily spend hours arguing about terminology and semantics, here is one for you... security, information security, and cybersecurity. Are these terms synonymous, or does each have a particular application and precise meaning?

@TactiKoolSec Now I know how you spent all the referral money

One argument I frequently hear is to enact regulations to force organizations to build more robust security. But, does regulation actually increase security? Or does it just redirect resources to implement and adhere to compliance requirements instead of combating real threats?