Organizations invest more than $3 billion annually on SIEM software and expect this investment to result in comprehensive threat coverage. However, an analysis of live SIEM deployments across select CardinalOps customers in multiple industry verticals, including healthcare and financial services, reveals that the threat coverage remains far below what organizations expect and what SIEM and detection tools can provide. Worse, organizations are often unaware of the gap between the theoretical security they assume they have and the actual security they get in practice, creating a false impression of their security posture.
The cybersecurity industry has embraced MITRE ATT&CK for good reason: it provides security leaders and practitioners an objective, third-party standard with which to evaluate their own detection coverage and EDR solutions. But even while they recognize the value, many organizations are unsure about what specific steps they should take to fully benefit from MITRE ATT&CK.
McAfee and the University of California, Berkeley’s Center for Long-Term Cybersecurity (CLTC) released a new research study, MITRE ATT&CK as a Framework for Cloud Threat Investigation, developed by CLTC researchers. The report focuses on threat investigation in the cloud through the lens of the most widely adopted framework, MITRE ATT&CK.
The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies.
John A. Wilson is now vice president and Chief Information and Security Officer at MITRE, leading the Enterprise Computing, Information, and Security organization.
MITRE announced the launch of a website-based public input option for organizations and members of the public interested in helping to inform the Coronavirus Commission for Safety and Quality in Nursing Homes (“commission”).
Ask a CEO how he or she rose to the top, and they’ll typically cite a litany of past upper level executive management roles, with a clear strategy to get there.
Many organizations protect their cyber infrastructure by looking inward, focusing on their own networks and systems. They dedicate themselves to reducing the attack surface, assessing their vulnerabilities, and conducting system patching – all to continuously monitor their own networks.