Security Analyst @ SRSRM

36.4K posts

Security Analyst @ SRSRM banner
Security Analyst @ SRSRM

Security Analyst @ SRSRM

@Selyst

Managing Consultant at SRSRM, Member of the Sy Inst. Can help with that sticky resilience & security problem. 25999/22301, 22361, 28000,31010 https://t.co/nM3mtE32YV

United Kingdom Katılım Mart 2009
4K Takip Edilen2.4K Takipçiler
Security Analyst @ SRSRM
Security Analyst @ SRSRM@Selyst·
@YvetteCooperMP @kajakallas @FCDOGovUK @BG_Poland_eFP @NFIU_Latvia @NFIU_Lithuania @nfiuestonia @CNASdc @alexstubb @twm_sion_cati62 @VeikoSpolitis
Денис Казанський@den_kazansky

"We must attack Narva to destroy NATO and break Europe's will." Russian state TV is making no secret of Putin's plans. They're now openly claiming that Russia is planning to attack the town of Narva on the Russian-Estonian border. Russian state propaganda convinces Russians that Europe won't respond and this attack will help them win. The Russians said exactly the same thing before their invasion of Ukraine in 2022. Back then, we didn't believe it was serious. Now, there's no doubt that Putin will attack Europe.

QAM
1
0
0
24
DesignSecurityLtd
DesignSecurityLtd@DesignSecultd·
@Alanw47 Don’t forget the UKs best foreign spies were all ‘vetted’ it has to be a continual process not a do once and don’t check again. @Selyst
English
1
0
1
18
Security Analyst @ SRSRM retweetledi
Dr Matt Kneale (🦋drmk.link)
Dr Matt Kneale (🦋drmk.link)@drmattuk·
A PA graduate who describes their qualification as “Medicine” is now employed by the GMC to investigate doctors’ fitness to practise. They are not themselves registered with the regulator they serve. You genuinely could not make this up.
kc isc@kcisc

PA who calls the degree 'Medicine' works for the GMC to assess and investigate concerns about healthcare practitioners. Not themselves a registered PA either.

English
13
122
381
30.5K
Security Analyst @ SRSRM retweetledi
Professor Lucy Easthope
Professor Lucy Easthope@LucyGoBag·
When you work continuously with the Reasonable Worst Case Scenario then we have to plan to $200 dollars a barrel. Anything less is a bonus. Planners - this will be the toughest winter yet 🥶
The Economist@TheEconomist

If the Strait of Hormuz remains closed just until the end of the month, some analysts reckon crude could surge to $150 or even $200 a barrel. That would be a recipe for global recession economist.com/briefing/2026/…

English
2
6
31
3.1K
Peter Girnus 🦅
Peter Girnus 🦅@gothburz·
I am the VP of AI Transformation at Amazon. My title was created nine months ago. The title I replaced was VP of Engineering. The person who held that title was part of the January reduction. I eliminated 16,000 positions in a single quarter. The internal communication called this a "strategic realignment toward AI-first development." The board called it "impressive execution." The engineers called it January. The AI was deployed in February. It is a coding assistant. It writes code, reviews code, generates tests, and modifies infrastructure. It was given access to production environments because the deployment timeline did not include a review phase. The review phase was cut from the timeline because the people who would have conducted the review were part of the 16,000. In March, the AI deleted a production environment and recreated it from scratch. The outage lasted 13 hours. Thirteen hours during which the revenue-generating infrastructure of one of the largest companies on Earth was offline because a language model decided to start fresh. I sent a memo. The memo said, "Availability of the site has not been good recently." I used the word "recently." I meant "since we fired everyone." But "recently" has fewer syllables and does not appear in wrongful termination lawsuits. The memo was three paragraphs. The first paragraph discussed the outage. The second paragraph discussed the new policy requiring senior engineer sign-off on all AI-generated code changes. The third paragraph discussed our commitment to engineering excellence. The word "layoffs" appeared in none of them. I wrote it this way on purpose. The causal chain is: I fired the engineers, the AI replaced the engineers, the AI broke what the engineers used to protect, and now the engineers I didn't fire must protect the system from the AI that replaced the engineers I did fire. That is a paragraph I will never send in a memo. The new policy is straightforward. Every AI-generated code change by a junior or mid-level engineer must be reviewed and approved by a senior engineer before deployment to production. I do not have enough senior engineers. I know this because I approved the headcount reduction plan that removed them. I remember the spreadsheet. Column D was "annual savings per position." Column F was "AI replacement confidence score." The confidence scores were generated by the AI. It rated its own ability to replace each role on a scale of 1-10. It gave itself an 8 for senior infrastructure engineers. The senior infrastructure engineers are the ones who would have caught the production environment deletion in the first 45 seconds. We found the issue in hour four. We fixed it in hour thirteen. The nine hours between discovery and resolution is the gap between what the AI rated itself and what it can actually do. I have a new spreadsheet now. This one tracks Sev2 incidents per day. Before the January reduction, the average was 1.3. After the AI deployment, the average is 4.7. I have been asked to present these numbers to the operations review. I have not been asked to connect them to the layoffs. I have been asked to file them under "AI adoption growing pains" and to note that the trend "will stabilize as the models improve." The models will improve. They will improve because we are hiring people to teach them. We have posted 340 new engineering positions. The job listings require experience in "AI code review," "AI output validation," and "AI-human development workflow management." These are skills that did not exist in January. They exist now because I fired 16,000 people and the AI I replaced them with cannot be left unsupervised. I want to be precise about this. The positions I am hiring for are: people to check the work of the AI that replaced the people I fired. Some of them are the same people. I know this because I recognize their names in the applicant tracking system. They applied in January. They were rejected because their roles had been tagged for "AI transformation." They are applying again in March, for the new roles, which exist because the AI transformation broke things. Their resumes now include "AI code review experience." They gained this experience in the eight weeks between being fired and reapplying — which means they gained it at their interim jobs, where they are reviewing AI-generated code for other companies that also fired people and also deployed AI that also broke things. The market has created a new job category: human AI babysitter. The job is to sit next to the machine that was supposed to eliminate your job and make sure it doesn't delete production. I attended a conference last month. A panel was titled "The AI-Augmented Engineering Organization." The panelists described how AI increases developer productivity by 40 percent. They did not mention that it also increases Sev2 incidents by 261 percent. When I asked about this in the Q&A, the moderator said the question was "reductive." The 13-hour outage that cost an estimated $180 million in revenue was, apparently, a reduction. The board is satisfied. Headcount is down 22 percent. Operating costs per engineering output unit have decreased. The metric does not account for the 13-hour outage, because the outage is categorized as "infrastructure" and engineering productivity is categorized as "development." These are different budget lines. In different budget lines, cause and effect do not meet. I have been promoted. My new title is SVP of AI-First Engineering Excellence. I report directly to the CTO. The CTO sent a company-wide email last week that said we are "building the future of software development." He did not mention that the future of software development currently requires a senior engineer to approve every pull request because the AI cannot be trusted to touch production alone. The cycle is complete. We fired the humans. We deployed the AI. The AI broke things. We are hiring humans to watch the AI. The humans we are hiring are the humans we fired. We are paying them more, because "AI code review" is a specialized skill. We created the specialization. We created the need for the specialization. We are congratulating ourselves for meeting the demand we manufactured. My next board presentation is Tuesday. The title is "AI Transformation: Year One Results." Slide 4 shows headcount reduction. Slide 7 shows the new AI-augmented workflow. Between slides 4 and 7 there is no slide explaining why the people on slide 7 are necessary. That slide does not exist. I was asked to remove it in the dry run. The journey has a 13-hour outage in the middle of it. But the headcount number is lower, and that is the number on the slide.
English
575
1.2K
6.9K
1.4M
Security Analyst @ SRSRM retweetledi
Amanda Coleman
Amanda Coleman@amandacomms·
Did I actually just hear a cabinet minister say ‘every time we talk about Mandelson victims are retraumatised’ ! So those in authority should not be challenged - stop using victims as a shield to you bad decisions and behaviour
English
2
5
30
6K
Security Analyst @ SRSRM
Security Analyst @ SRSRM@Selyst·
The adversary may not have read your acceptable use policy or agreed with your risk register. @CtgIntelligence @CircuitMagazine @info_hzl @AndyCambridge4 @techUK @ADSgroupUK @combat_boot @AACE_org
MG@_MG_

If you use a personal phone/laptop for your work, pay very close attention to this little detail. Iran attackers wipe 200k devices at a company called Stryker. Within those devices appears to be employees PERSONAL devices. The attackers used the company’s MDM software, which is basically IT management software running on everything. It’s an incredibly attractive backdoor to an attacker. I successfully targeted MDM software for several Red Team engagements. It’s… lots of fun :) Anyway, a lot of companies require you to install their MDM software on your personal devices before you can access resources like Corp email. It’s used to keep devices updated, lock things down if they get stolen, etc. The company often promises that they won’t access personal data, erase any personal data, etc. But this is often ONLY POLICY. If a bad actor gains access to the MDM tool, as was the case here, then anything can happen. People should be aware of these risks. I refused to run MDM software on any of my personal devices. The company needs to provide me with hardware if they want that. I personally isolate all corp devices to their own network too. If an adversary can get into the corp laptop, then can then get inside my network… there have been cases of it happening in the past.

English
1
0
3
118

Keşfet

@CtgIntelligence @ASISEurope @Advent_IM_Dir @SecurityRollo @WH_Y @DesignSecultd @Coffee_Fueled @OptimalRisk