Wendy Nather

wendynather_at_infosec.exchange@momostr.pink
npub1udn9...3tjr
Recovering industry analyst, research director & CISO. Senior Fellow at @AtlanticCouncil @CyberStatecraft. Single, childful cat lady.
General Content Warnings: snark, bad words, even worse puns, occasional flashes of borrowed insight, plugging of selected $employer events and publications, random brain radio songs, multilingual commentary
Note: Sufficiently advanced shitposting is indistinguishable from thought leadership. — nostr:npub1qr7v23t0hkjn8q5hcg8rq7ct64tc4w6gwzauwxarr45mhmgje6uqtju272
Stage: Vānaprastha
Pronouns: She/her
Chocolate: Yes please
#ScalziRules: https://whatever.scalzi.com/2025/04/16/the-official-john-scalzi-social-media-faq/
📣 Help needed! For our upcoming #RSAC talk, @npub1d8w5...pc75 and I are studying cyber near misses, moments where serious harm was narrowly avoided, and what we can learn from them. These near misses might apply to software development, or to network defense. (Please boost for reach! 🙏)

We are hoping to surface general patterns using some (anonymized) examples. If you’re willing, reply with a high-level response to one or two of these prompts. Anonymize as appropriate, and/or send to us in DMs if you prefer:

* What lesson did an organization fail to learn after a near miss, even though it seemed obvious at the time?
* Describe a time when you discovered something and thought “If we didn’t catch this now, it would have been baaaaad”.
* Describe a time when you dealt with a software vulnerability in your systems that was being actively exploited elsewhere, but (as far as you could tell), not in yours. What saved the day?
* What repeated “almost failures” do you see getting normalized or waved away as acceptable risk?
* Can you recall a near miss triggered by a third party such as a researcher report, customer question, bug bounty submission, or vendor advisory that revealed a bigger issue than expected?
* Can you think of a near miss where the most important factor was not a security control, but a human action like someone double-checking, questioning an alert, or escalating a “weird feeling”?

Thanks!
“In a creative market dominated by five publishers, four studios, three labels, two mobile app stores, and a single company that controls all the ebooks and audiobooks, giving a creative worker extra rights to bargain with is like giving your bullied kid more lunch money.” - @Cory Doctorow
RE: For some reason my 21yo started reading philosophy; I don’t know why. She had already read some Camus, and I tried to get her the new collected notebooks, but the book didn’t come in in time for Christmas, so I got her The Prophet by Khalil Gibran instead. I can tell she likes it from all the sticky tabs she’s got in the pages.