Poor Cybersecurity Governance & low investment in cybercapabilities resulted in 2021's Twitter breach

Twitter was one of the world's largest social networks, with over 500 million users. It became a pervasive tool in election campaigns, allowing candidates, parties, journalists, and the public to interact and research political reactions.

Twitter in figures

Revenue for 2021: $3.72 billion

Net loss for 2021: $221 million

Revenue streams: Advertising (95%) & Data licensing and other services (5%)

Competitors: Facebook (including Instagram), Snapchat, & LinkedIn.

MITRE ATT&CK Analysis

Timeline of the events

GDPR Violation

New Response Plan

Activate incident response plan

• Identify and patch the vulnerability.

• Isolate and secure compromised systems or databases.

• Restore systems from clean backups. Prioritize business criticcal systems based on BIA.

  
  

Notify users & relevant regulatory authorities and communicate

• Inform users, info compromised and potential risks.

• Provide clear instructions to users.

• Establish dedicated communication channel.

• Notify authorities in line with regulations' timelines

• Cooperate with authorities in their investigations.

  
  

Manage crisis and public relations

• Execute a comprehensive crisis communication plan.

• Engage with media outlets to provide accurate information.

  
  

Lessons learned

• Post-incident review, identify root causes & areas for improvement.

• Implement changes & updates to policies, procedures, & technologies.

• Foster a culture of security awareness.

• Conduct Security Audit.