Where will the security community turn, if not Twitter?
Twitter is a preferred and far-reaching channel for organizations to disclose when a cyberattack or incident has occurred. If that goes away, or Twitter is ultimately viewed as a less trusted and valuable place for cybersecurity discourse, there aren’t many mass media alternatives that carry the same weight.
The platform has always been a bit chaotic. A heightened period of volatility of late, largely due to massive layoffs, hasty changes to identity verification and internal strife following Elon Musk’s takeover of the company, has many in cybersecurity wondering what life might be like without Twitter.
Twitter’s death has been greatly exaggerated before, and while the factors causing this latest calamity are different, the platform is still alive and kicking.
Many advertisers are fleeing or otherwise pausing activity on Twitter, but the consistent stream of credibility hits could cause long-lasting damage for the information security community.
“Twitter acts as an aggregator and info-sharing platform for the cybersecurity community and if that community splinters onto other platforms, as we’re already starting to see, the disruption to the flow and exchange of information will be counterproductive,” Brett Callow, threat analyst at Emsisoft, said via email.
“Just how counterproductive it will be remains to be seen and depends, in part, on how quickly the community comes back to Twitter — if Twitter remains in business, of course — or centralizes on another platform,” Callow said.
The company’s credibility has taken a major hit. High-profile companies have been impersonated and verified for the low price of $8 per month thanks to Twitter Blue, a revamped feature that went live and was halted about a week later.
One such verified account, pretending to be Eli Lilly’s corporate account, tweeted “insulin is free now,” resulting in billions of dollars being wiped from its market cap in a single day. The pharmaceutical giant halted all Twitter ad campaigns in response.
Those who have spent a few minutes on Twitter recently see a barrage of final goodbyes — a living funeral for a platform that’s often revered and despised in the same breath by the same individuals. There’s nothing like Twitter: Users love it and hate it.
Concerns over information on the platform extend to Twitter’s long-held prominence as a disclosure channel.
Corporate strategies for cybersecurity-related communications will likely adapt, according to Andrew Barratt, VP of technology and enterprise accounts at cybersecurity advisory firm Coalfire.
“Whilst Twitter is a quick way to get out to the masses, it’s still very follower dependent,” Barratt said via email.
Major disclosures, particularly those that trigger regulatory requirements, will still be distributed via press releases and filings with the Securities and Exchange Commission.
“From an incident disclosure perspective, it will be interesting to see if [Twitter] maintains its amplification factor for much longer,” Barrett said.
Twitter still commands unparalleled sense of urgency
Time is of the essence in cybersecurity, and Twitter has few, if any, equals in that regard.
The Cybersecurity and Infrastructure Security Agency and U.S. Computer Emergency Readiness Team (US-CERT) each have more than 200,000 followers on Twitter, some of whom rely on the latter to receive alerts, advisories and guidance the moment they are released.
Federal cyber authorities publish critical information online and individuals can sign up to receive alerts via email, but those emails often lag behind the online publication and tweets linking to those posts.
CISA Director Jen Easterly and Rob Joyce, the National Security Agency’s director of cybersecurity, are prominent figures and active Twitter users that further amplify the government’s message.
“When a cyberattack occurs or a vulnerability is disclosed, every second counts and effective communication can make or break a response,” Anne Cutler, director of global communications at Keeper Security, said via email.
“Love it or hate it, Twitter fostered this critical communication quickly, effectively and in real time,” Cutler said.
Federal agencies and organizations will be challenged to rebuild audiences of the same size and activity level elsewhere in the event Twitter loses luster as a cybersecurity resource and disclosure channel.
Twitter has also attracted an active community of cybersecurity professionals that often turn to the platform first to share the latest threat intelligence, security data and research about the dark underbelly of ransomware activity.
They’re also good for a few laughs when they lambaste the state of enterprise technology.
Twitter is a place for discourse, where rumors and outages are first questioned, before disclosure really takes center stage.
Individuals who are responsible for cybersecurity know where to find pertinent information, even without Twitter. Public discourse among those in the trenches, however, might get splintered.
“The cybersecurity community will survive without Twitter. People who do security will either move to another platform or, knowing how coders like to fix problems, they will develop another platform that caters specifically to the community,” Mike Parkin, senior technical marketing engineer at cyber risk remediation firm Vulcan Cyber, said via email.
“Who better to create a secure, and neutral, alternative platform than disgruntled cybersecurity professionals?” Parkin said.
Some of the most high profile and highly engaged cybersecurity professionals on Twitter have shared their discontent about recent changes to the platform and its leadership. Oftentimes those tweets convey an air of finality with links to their presence on other platforms, but more often than not they come back and tweet again.
Much has been said about the flight risk, and yet those discussions about Twitter are happening on Twitter. Same, as always.
Gloss