T’was the Night Before the Breach — 2023 Edition

Mike Sheward
Dec 3, 2023

T’was the night before the breach, and all through the message board, not a creature was stirring, not even the sharing of national security secrets on the Discord.

The Citrix NetScalers were hung by the chimney without care, in the hopes that ransomware would soon not be there.

The security team were nestled all snug in their beds, while visions of a properly implemented zero trust architecture danced in their heads.

And the CEO in her Crocs, and CISO in his Topgolf cap, had just settled their brains for a long winter’s nap.

When out of the Slack alerts channel there arose such a clatter, I sprang from my bed to see what was the matter.

Away to the computer I flew like a flash, my domain credentials stored in the cache.

The trails of logins to the enterprise single sign-on system bouncing around the globe, I opened the logs and began to probe.

When, what to my eyes should suddenly appear, but a confidential labelled email from the vendor telling me not to fear.

With a jolly introduction, so lively and quick, they told me not to talk about the contents of the email until the markets had their pick.

More rapid than eagles the reassurances they came, the breach isn’t as widespread as people may claim.

“Now IT! Now Infosec! Now CISO! Now CEO! Oh, end users! Oh, SAML! Oh, SSO! Our vendor got popped, but we’re going to be ok — besides they have no competition anyway, they dashed them away all!”

As dry leaves before the wild hurricane fly, they promised to bring in a third party to see where things went awry.

So off to Mandiant they flew, in the hope that they wouldn’t be getting a stack of invoices up the wazoo.

And then, in a twinkling, I heard them say on the webinar, their investigation was more all over the place than a full self-driving car.

As I drew in my head, I was very confused, should I worry or shitpost to keep myself amused.

We promise we love security, we just grew too fast, please don’t judge our maturity.

This appears to have been an isolated incident, a process must change, at least we aren’t still using on-premises Exchange.

My eyes how they cried! My face how mad! My cheeks were like roses, just like when I listened to that Web 3 guy, Chad.

The vendor, how could they be so quick to judge, like the CEO of Unity eventually they’d budge.

The software changes would ship that week, and they’d give the admin session timeouts a tweak.

The speed of the release made me nervous in my belly, but at least I hadn’t been waiting years for a Cybertruck to make everyone around me jelly.

My engineer had done so before he knew Elon was crazy, and now he felt his judgement had been a little hazy.

A wink of her eye and a twist of her head, another engineer gave me to know I had nothing to dread.

She spoke not a word, but went straight to her LLM, and asked it to write a reassuring message to the company to protect the vendor from the inevitable condemn.

And laying her finger aside of her nose, and giving a nod, up to the boardroom she rose!

She sprang to tell them that the incident was handled, and not to fire the CEO, at least not without letting their biggest investors know.

But I heard her exclaim we were now secure, ‘ere she drove out of sight, “happy incident free Christmas to all, and to all a good-night!”

Adapted from the 2021 version of T’was the night before the breach, which was adapted from the 2020 version of T’was the night before the breach, which was adapted from T’was the night before the breach from a few years ago, which was of course adapted from the original poem, by Clement Clarke Moore.

Written by Mike Sheward

Information security professional specializing in SecOps, IR and Digital Forensics. Author of the Digital Forensic Diaries, and now, the Pen Test Diaries.
