colossus

joined 1 year ago
[–] colossus@infosec.pub 3 points 10 months ago* (last edited 10 months ago)

As someone who leads a major MDR and IR service, phishing was the root cause of about 7.5% of incidents last year. Exploits are #1 around 47% of incidents, followed by compromised credentials around 30% of incidents.

This only represents SME and Enterprise. Phishing likely could be #1 for individuals.

[–] colossus@infosec.pub 2 points 1 year ago

MTTD isn’t a great metric on its own and suffers from only being useful after an attack.

I prefer Katz’ approach.