David Spark
π€ SpeakerVoice Profile Active
This person's voice can be automatically recognized across podcast episodes using AI voice matching.
Appearances Over Time
Podcast Appearances
And or.
I'm just giving you crap.
This is the first.
Sarah, what do you do with your team?
Your incident response tabletop, your IR tabletop, is lying to you.
Not because the scenario is wrong, because the incentives are.
Now this is what Joshua Copeland of Crescendo argues that in tabletop exercises, everyone talks fast, decisions are clean, ownership is clear, and nobody protects themselves.
No real incidents ever unfold.
In a real breach, the first control to fail isn't a firewall, it's authority.
People don't hesitate because they lack training.
They hesitate because escalation is political.
Detection becomes, quote, let me validate one more thing.
Or containment becomes, let's wait for leadership.
And disclosure becomes, legal is reviewing the language.
If nobody in the tabletop worries about consequences, you didn't simulate incident response.
The breach won't expose your controls.
It will expose who is allowed to act without permission.
It's like playing poker without real money.
You play the game very differently when there are actual stakes.
So I'm going to ask you, Sarah, how do we actually inject stakes into tabletops to reveal those fault lines?