How To Create A Cybersecurity Incident Response Plan
hyperproof, Friday, April 12th, 2024
One of the most eye-popping events in cybersecurity this year has been the former head of security for Twitter, Peiter Zatko, releasing a whistleblower complaint about the social media giant, alleging all manner of shortcomings. Anyone responsible for cybersecurity audits should take note - in fact, take lots of notes.
Zatko raised concerns such as poor access controls that left the company in violation of a consent decree with regulators; ill-defined roles and responsibilities for cybersecurity; an inability to segregate different types of data; and more. His 84-page complaint makes for painful reading.
One lesson, however, cuts across all of Zatko's allegations. His complaint underlines the importance of effective cybersecurity audits - since they are critical tools to find weaknesses in your security program and assuring that those weaknesses get fixed.