91制片厂

To effectively protect your business interests, you need to be able to address what the most pressing vulnerabilities in your network are. Which attack vectors should you model first? How do you adequately understand your threat vectors when attacks continually change and adapt?
Security can often be asked the world but given a minimal budget with which to accomplish it.
Security decisions are always under pressure from varying demands that pull even the most well-balanced security team in every direction.
Adequately modeling any and every possible scenario is ineffective and haphazard at best. Hoping that you have chosen the most pressing attack vectors to model will not work in the modern day of threat tactics.

Our Advice

Critical Insight

Precision is critical to being able to successfully defend against threats.
- Traditional threat modeling such as STRIDE or PASTA is based on a spray-and-pray approach to identifying your next potential threat vector. Instead, take a structured risk-based approach to understanding both an attacker鈥檚 tactics and how they may be used against your enterprise. Threat preparedness requires precision, not guesswork.
Knowing is half the battle.
- You may be doing better than you think. Undoubtedly, there is a large surface area to cover with threat modeling. By preparing beforehand, you can separate what鈥檚 important from what鈥檚 not and identify which attack vectors are the most pressing for your business.
Be realistic and measured.
- Do not try to remediate everything. Some attack vectors and approaches are nearly impossible to account for. Take control of the areas that have reasonable mitigation methods and act on those.
Identify blind spots.
- Understand what is out there and how other enterprises are being attacked and breached. See how you stack up to the myriad of attack tactics that have been used in real-life breaches and how prepared you are. Know what you鈥檙e ready for and what you鈥檙e not ready for.
Analyze the most pressing vectors.
- Prioritize the attack vectors that are relevant to you. If an attack vector is an area of concern for your business, start there. Do not cover the entire tactics list if certain areas are not relevant.
Detection and mitigation lead to better remediation.
- For each relevant tactic and techniques, there are actionable detection and mitigation methods to add to your list of remediation efforts.

Impact and Result

Using the MITRE ATT&CK^庐 framework, Info-Tech鈥檚 approach helps you understand your preparedness and effective detection and mitigation actions.

Learn about potential attack vectors and the techniques that hostile actors will use to breach and maintain a presence on your network.
Analyze your current protocols versus the impact of an attack technique on your network.
Discover detection and mitigation actions.
Create a prioritized series of security considerations, with basic actionable remediation items. Plan your next threat model by knowing what you鈥檙e vulnerable to.
Ensure business data cannot be leaked or stolen.
Maintain privacy of data and other information.
Secure the network connection points.
Mitigate risks with the appropriate services.

This blueprint and associated tool are scalable for all types of organizations within various industry sectors, allowing them to know what types of risk they are facing and what security services are recommended to mitigate those risks.

Threat Preparedness Using MITRE ATT&CK庐 91制片厂 & Tools

Start here 鈥� read the Executive Brief

Read our concise Executive Brief to find out why threat preparedness is a crucial first step in defending your network against any attack type. Review Info-Tech鈥檚 methodology and understand the ways we can support you in completing this project.

Threat Preparedness Using MITRE ATT&CK庐鈥� Executive Brief

1. Attack tactics and techniques

Review a breakdown of each of the various attack vectors and their techniques for additional context and insight into the most prevalent attack tactics.

2. Threat Preparedness Workbook mapping

Map your current security protocols against the impacts of various techniques on your network to determine your risk preparedness.

3. Execute remediation and detective measures

Use your prioritized attack vectors to plan your next threat modeling session with confidence that the most pressing security concerns are being addressed with substantive remediation actions.

Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.0/10

Overall Impact

$2,720

Average $ Saved

20

Average Days Saved

Client

Experience

Impact

$ Saved

Days Saved

Testimonial

First Citizens Bank Limited

Guided Implementation

9/10

$2,720

20

Having access to templates is extremely beneficial as it significantly reduces the time required to complete tasks from scratch.

About Info-Tech

91制片厂 is the world鈥檚 fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Speak With An Analyst

Get the help you need in this 3-phase advisory process. You'll receive 6 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: Attack tactics and techniques

Call 1: Explain methodology and scoping.
Call 2: Identify relevant attack tactics and techniques.

Guided Implementation 2: Threat Preparedness Workbook mapping

Call 1: Work through associated techniques and sub-techniques.
Call 2: Analyze preparedness and plan for attack vectors.

Guided Implementation 3: Execute remediation and detective measures

Call 1: Identify and prioritize detective and mitigative measures.
Call 2: Summarize results and plan next steps.

Author

Isaac Kinsella

Contributors

Ramkumar Ramachandran, Principal Consultant, Ascentant Corporation
Thomas DeLaine, Director, Information Security, Comprehensive Health Services
Anthony Vitello, Senior Vice President, Global Information Security, Citigroup
Matthew Langford, Chief Information Office, University of Northern Colorado
Robert Banniza, Senior Director, IT Center Security, AMSURG
Son D., Senior Security Engineer/Architect
Kantcho Manahov, Senior Cloud Cyber Security Manager, KPMG
Luz Cervantes, IT Asset Manager, Northgate Markets

Search Code: 97478
Last Revised: August 10, 2021

Visit our IT鈥檚 Moment: A Technology-First Solution for Uncertain Times Resource Center
Over 100 analysts waiting to take your call right now: +1 (703) 340 1171