"Leveraging anything that was not properly vetted could result in serious consequences. There are many, of course, but a few of them include: Drowning in false positives (and thus potentially missing true positives), Wasting resources chasing ghosts, Causing unnecessary downtime by responding to faux incidents, Damaging trust and relationships (sometimes irreparably) with stakeholders, Harming the reputation and political capital of the security team."
"While most of us vet security information rigorously, when we hear information, and especially negative information, about people or organizations, most of us don't vet it rigorously at all. In fact, in many cases, we will begin thinking negatively of or discounting who or what we heard negative information about before asking simple questions that could quickly expose the truth."
"In general, people do not like to displease other people or to come across as unpleasant. In addition, many people prefer to avoid conflict, even if that conflict is necessary and would result in better outcomes."
Security operations require careful vetting of sources, intelligence, indicators of compromise, and tactics to prevent serious consequences including false positives, wasted resources, unnecessary downtime, damaged stakeholder relationships, and reputational harm. However, this same rigorous vetting discipline is rarely applied to information about people or organizations. When negative information surfaces, most people accept it without proper verification, forming negative opinions before asking clarifying questions. This inconsistency stems partly from human behavior patterns where people avoid displeasure and conflict, even when scrutiny would reveal truth. Applying consistent vetting standards across all information types would improve decision-making and organizational relationships.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]