Saturday, April 18, 2026

Researchers warn of 'rosy' security reports in wake of Twitter whistleblower case - SC Media

Threat intelligence, Identity and access, Incident response, Leadership

In the days since Peiter “Mudge” Zatko filed his complaint with the federal government about Twitter’s problematic security practices, security researchers say that while Twitter stands as a special case, they see familiar themes in the security issues many organizations face.

Issues with identity, lax privileged access among admins, and outdated computing infrastructure abound at many organizations, not just at Twitter, say security researchers interviewed by SC Media.

Many of the issues highlighted in Mudge’s whistleblower report are the same challenges that large organizations face every day with regard to access and data privacy, said Mike Puterbaugh, CMO at Pathlock. Puterbaugh said Twitter allows too many of its staff access to the platform's central controls and most sensitive information without adequate oversight.

“The separation of duties within core enterprise applications, like ERP and HR systems, is a foundational risk reduction aspect for many organizations,” Puterbaugh said. “There's countless examples in the finance context of why companies should separate certain functions. Creating a vendor in a payment system vs. paying that same vendor in a payment system, for example. It appears that Twitter is no different.”

Many security pros saw some room for lessons learned.

Andrew Hay, COO at LARES Consulting, said every organization should reevaluate the executive tolerance for reporting...



Read Full Story: https://www.scmagazine.com/feature/threat-intelligence/researchers-warn-of-ro...