What is CTID and why is it essential to security professionals?
Marcus W. Johnson
Cyber Threat Intelligence Engineer |MSc. Cybersecurity |SASE |SSE |ISC2 CC |ICS/OT Risks |MITRE ATT&CK Defender |Adversary Emulation & Detection Engineer |SOC/XDR |IAM|AI/ML |Security Controls Validation Engineer|
The Center for Threat Informed Defense is a necessity that grew out of the MITRE Project developed by MIT, designed to engage in collaborative research and development projects with its members to advance the state of art and practice of threat-informed defense. This group of members are recruited from global critical infrastructure companies, sophisticated and innovative securities, leading technology companies, and cybersecurity-related non-profits.
Research areas of the CTID include:
● Advance global understanding of adversary tradecraft, e.g. expand ATT&CK into new technology domains like cloud
● Measure evolving adversary behavior, e.g. establish a “most wanted” list of adversary techniques
● Enable continuous assessment of our defenses, e.g. develop, share and automate adversary emulation playbooks
● Continuously identify, catalyze development of and/or research new ways to thwart ATT&CK techniques across Protect, Detect & Respond All R&D Outputs will be made globally available to maximize impact.
In practice it is essential for security professionals to be informed of a threat informed defense as it is a proactive approach to cyber security that utilizes three elements to provide an evolving feedback loop to your security team.
IT Consultant | GDG Kumasi | ICANN Fellow | YALI RLC Fellow | CySA+ | Sec+ | 2xCCNA | GCP ACE | 3xAzure | NetAcad | Explore ML Facilitator | ITDRCOPS
4yThank you for sharing