This is the tail of how a brand new Sr analyst ( Me ) and and intern took down the DMV Docusign for a day and a half. In this talk, I’ll walk you through a moment where good intentions and layered security collided with government workflows” resulting in DocuSign being blocked across a critical state agency. The culprit? A phishing report on a legitimate DocuSign email that triggered an automated block, creating an unintentional DoS on bureaucracy itself.

We’ll dive into: ( Always blame the intern ! ) just kidding !!
– The anatomy of a well-crafted, legitimate email that looked phishy enough to get blocked
– How false positives in phishing reporting workflows can lead to wide-scale operational impacts
– The (lack of) escalation paths between SOC teams and business-critical SaaS usage
– Balancing security with usability, especially when signatures mean progress
– Lessons learned in root cause analysis, user education, and incident response for non-malicious events
– This session isn’t about blaming tools” it’s about understanding how the human element, combined with automated security actions, can create unintended outages. If you’ve ever had to explain to leadership why no one can sign anything… this one’s for you.
– Also will tie in breaking into cyber as this was my first cyber job leaving law enforcement ! learned tons by both success, questions, and mistakes !