People shouldn’t be scared by this CrowdStrike report. I don’t even know why they added the “AI-enabled ransomware” part -probably a PR idea that nobody stopped The real issue is wrong risk perception. CISOs worry about what sounds new instead of what actually causes incidents. AI-enabled ransomware” isn’t really a thing. Maybe an AI written phishing email here and there, but the rest is still human work. Meanwhile, most orgs lack asset visibility, detection on legacy or OT systems, have exposed RDP without 2FA and poor monitoring. Yet somehow this gets less attention than a buzzword in a report. It’s like when everyone panicked about tracking pixels in emails around 2018–2021 simply because PR people pushed it as a serious issue. It generates distorted perception of risks. Our job as a community is to make people aware of this distortion. csoonline.com/article/407591…

I was wrong. At least in this [one, small] sample it is ~25% differing results: One org, ~10k devices, ~21k total CVEs, two sources of CVEs. ~75% of those CVEs reported by both. More to come soon!

In six months of working for an MDR that services all manner of industries, I feel like any time I see an incident occurring it started on an asset that didn't have EDR installed.

Better data, Better decisions, Sevco Security ❤️

Here's a jingle just for @jjguy and @SevcoSecurity sh-drop.s3.us-east-1.amazona…

Today, CSE welcomes @aionescu as Technical Director, Platform Operations and Research. Alex's world-class operating system expertise will help advance CSE's cyber security interests both at home and abroad, and promote cyber-safe practices for all Canadians. Welcome Alex!

Reality check: Your security hygiene is worse than you think it is - helpnetsecurity.com/2021/11/… - @SevcoSec @jjguy #cybersecurity #security #infosecurity #itsecurity #CISO #cybersecuritynews #securitynews