"Because of how Uber's PM ran our #bugbounty program, the moment the reporter reached out, I was able to respond effectively." Melanie Ensign @Wednesday on the value of collaboration in #securitycomms #cybersecurity #incidentresponse #CriticalPointWarStories
🔥 New Discernible Drill Alert: When Ransomware Groups Target Your Executives Personally
We have a new drill this week based on the current SalesLoft/Drift ransomware incident where threat actors didn't just encrypt systems, they threatened coordinated harassment campaigns against executives.
This drill practices skills that most incident response training ignores:
→ Advising leaders to be SPECIFIC in breach notifications (not hide behind vague legal-speak that destroys customer trust)
→ Coordinating with industry peers to share threat intelligence during sector-wide attacks
→ Supporting executives facing personal extortion, including threats to families, fake allegations, professional reputation attacks
🔗 Subscribe to Discernible Drills to join this week's drill and access our full library of realistic security incident comms exercises.
🔥 Open #SecurityComms role at Santander:
“This role plays a critical part in shaping and delivering governance materials that effectively communicate cyber risk and strategy across diverse audiences, including Technology teams, Business units, Executive management, and the Board of Directors. The ideal candidate brings a unique blend of cybersecurity knowledge, marketing and communications expertise, and exceptional critical thinking and storytelling skills.”
We’re planning next year’s incident response scenarios and want YOUR input on what matters most to security pros.
Which incident types should we prioritize for 2026 Discernible Drill scenarios?
Vote for your top 3 priorities:
🔐 AI & Machine Learning Security
- AI model poisoning attacks
- Prompt injection incidents
- ML pipeline compromises
🌐 Supply Chain & Third-Party Risk
- Vendor security breaches
- Open source vulnerabilities
- SaaS integration compromises
☁️ Cloud & Infrastructure
- Multi-cloud security incidents
- Container/K8s breaches
- Serverless security failures
📱 Emerging Technology Threats
- IoT/OT security incidents
- Quantum computing threats
- AR/VR platform vulnerabilities
🎯 Social Engineering Evolution
- Deepfake-enabled attacks
- AI-generated phishing campaigns
- Voice cloning fraud
🏛️ Regulatory & Compliance
- Data sovereignty violations
- Cross-border incident response
- Emerging privacy law challenges
-----
💭 Tell us more in your replies:
- What incident types keep you up at night?
- Which scenarios would help your team most?
- Any specific industry challenges we should address?
Results will guide our 2026 training calendar!
Most security teams ask "what could go wrong?" when planning incident response. But I've found that asking "what could go right?" fundamentally changes how we prepare -- and opens up more positive opportunities for teams in their response.
It's possible to thrive through an incident, not merely survive it.
Security teams have long operated under "what could go wrong?" thinking, but this defensive mindset creates hidden pitfalls that limit our effectiveness and political capital within organizations. By shifting to "what could go right?" and reverse engineering positive outcomes, we
🏁FINAL DAY OF OUR 5TH ANNIVERSARY GIVEAWAY 🏁
Today we’ll be selecting winners for Pro subscriptions to our weekly incident response communication drills!
Last chance to enter: Comment with a blog post from our team that impacted your security practices, and tell us why it mattered.
Every comment increases your chances! Winners notified by end of day.
Thank you for 5 amazing years of learning and growing together. 💙
🚨 1 day left in our giveaway!
Tomorrow we’re selecting 5 winners to receive free Pro subscriptions to our weekly incident response communication drills!
Have our blog posts on gaining influence, cross-functional communications, or post-mortems improved your team’s effectiveness?
Comment & tell us which blog post helped you the most!
Remember: each comment = new entry. More participation = better chances!
Get your entries in before tomorrow’s deadline!
What’s your biggest incident response communication lesson?
Share which of our blog posts taught you something valuable!
Our 5-year anniversary giveaway continues: 5 Pro subscriptions to our weekly IR comms drills up for grabs. (a $1,200 value!)
Each blog post you share on counts as a separate entry. Multiple entries encouraged!
Winners randomly selected Friday.
Still plenty of time to participate!
💫 New Discernible Drill this week!
You’ll face escalating challenges that force difficult tradeoffs between business continuity, stakeholder communications, and technical remediation - all while racing against the clock. 😰
Subscribe at DiscernibleInc.com/drills
🎉DAY 2 OF OUR ANNIVERSARY GIVEAWAY 🎉
To give back to our amazing community, we’re offering free 1-year Pro subscriptions to our weekly #IncidentResponse communication drills!
To enter: Share which blog post from our team helped you the most & why.
5 random winners chosen Friday.
Kevin Riggle
Discernible
melanie ensign (she/her)