“Distributors have been making [cloud] investments for years now. They’re starting to get really well positioned. They’ve all launched cloud business units, they’re sharpening their tech skills,” he said. “It’s more than having a marketplace, you’ve got to have technical skills to articulate the value of various products, etc. They’re recruiting new partners, vendors, and generating billions of dollars of business from cloud and digital services.”
So, what does all this Astros stuff have to do with threat intelligence sharing and threat profiling? Quite a bit, actually: the Astros supposedly profiled pitchers by stealing signs and then sharing that information with its players about the next pitch – or, in a way, the next big hit. Even if they broke the rules, they had the right idea: wouldn’t it be nice to see how your opponent is going to attack you?
When it comes to combating hackers, it’s acceptable to profile the tactic, technique and procedure (TTP) that a hacker adopts. We’re seeing the growth of Information Sharing and Analysis Organization (ISAO) entities, including one at CompTIA. And organizations gather and analyze threat intelligence feeds to help them determine from where the next cybersecurity hit will come.
How to Use the MITRE ATT&CK Navigator for Threat Modeling
One way to figure out where the next hit is coming from is to use the MITRE ATT&CK Navigator, shown in Figure 1, below.
You see, it’s one thing to have a general ransomware plan in case of a cyberattack. That’s a good thing. That might actually put you further ahead than most companies, even today.
But, it’s quite another thing – a much better thing – to have a detailed, tactical, procedural understanding of how to respond to an attack. You see, the promise of cyber threat intelligence is that you can get the blueprint of a response.
More Info: what can you do with an a+ certification
So, what does all this Astros stuff have to do with threat intelligence sharing and threat profiling? Quite a bit, actually: the Astros supposedly profiled pitchers by stealing signs and then sharing that information with its players about the next pitch – or, in a way, the next big hit. Even if they broke the rules, they had the right idea: wouldn’t it be nice to see how your opponent is going to attack you?
When it comes to combating hackers, it’s acceptable to profile the tactic, technique and procedure (TTP) that a hacker adopts. We’re seeing the growth of Information Sharing and Analysis Organization (ISAO) entities, including one at CompTIA. And organizations gather and analyze threat intelligence feeds to help them determine from where the next cybersecurity hit will come.
How to Use the MITRE ATT&CK Navigator for Threat Modeling
One way to figure out where the next hit is coming from is to use the MITRE ATT&CK Navigator, shown in Figure 1, below.
You see, it’s one thing to have a general ransomware plan in case of a cyberattack. That’s a good thing. That might actually put you further ahead than most companies, even today.
But, it’s quite another thing – a much better thing – to have a detailed, tactical, procedural understanding of how to respond to an attack. You see, the promise of cyber threat intelligence is that you can get the blueprint of a response.
More Info: what can you do with an a+ certification
No comments:
Post a Comment