Reading about root cause analysis (RCA) for security breaches really freaks me out. Root causes are behind accidents and other unintentional events. Not breaches. Do you want to know the root cause of a breach? No, it is not a vulnerability that was left unpatched. If you follow the chain of events, someone decided to look for it, assembled a plan of attack, was driven by a motivation...all that at the attacker side.
Do Not Look For A Root Cause
Do Not Look For A Root Cause
Do Not Look For A Root Cause
Reading about root cause analysis (RCA) for security breaches really freaks me out. Root causes are behind accidents and other unintentional events. Not breaches. Do you want to know the root cause of a breach? No, it is not a vulnerability that was left unpatched. If you follow the chain of events, someone decided to look for it, assembled a plan of attack, was driven by a motivation...all that at the attacker side.