Randy at #Lockdown2015, 85% of respondents don’t care about identification of the attacker in an IR scenario @hacks4pancakes @attritionorg
@hacks4pancakes all of which doesn't matter if it is me or @AlxRogan attacking you.
-
-
@attritionorg@AlxRogan I'm talking about targeted attacks over the long term (hacktivist, nation state, etc). -
@hacks4pancakes@AlxRogan that's the rare case I can see some level of attribution having value, yes.
End of conversation
New conversation -
-
-
@attritionorg@hacks4pancakes@AlxRogan Discussions at#dfirsummit generally agreed. In brief, attribution is strategic, IR is tactical. -
@z4ns4tsu@attritionorg@AlxRogan Strategy and tactics are both pretty crippled if they're not brought full circle into logistics. -
@hacks4pancakes@attritionorg@AlxRogan The post-mortem/lessons learned part of the IR lifecycle is, in my mind, also strategic. -
@z4ns4tsu@attritionorg@AlxRogan Strategy is important, but logistics are how we get senior leadership to fund upgrading from 2003 server. -
@hacks4pancakes@attritionorg@AlxRogan If you need funding for upgrades, that's also a risk argument. Any old attacker will work, then. -
@z4ns4tsu@attritionorg@AlxRogan Unfortunately, that has often become a call between securing critical asset servers or financial servers. -
@z4ns4tsu@attritionorg@AlxRogan Where the risk management decision has to be partially informed by what is likely being targeted. -
@hacks4pancakes@attritionorg@AlxRogan It seems were saying basically the same thing. During IR, I don't especially care abt attribution. - 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.