Chapter 1: Cyber Threat Landscape and Security Challenges
- There are several open-standard and proprietary ways to stay up to date on adversaries' capabilities. MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is one of the most widely used frameworks for cyber adversary patterns, reflecting the various phases of an adversary's life cycle and the platforms they are known to target. MITRE has developed three categories to determine an adversary's main capabilities: PRE-ATT&CK, ATT&CK for Enterprise, and the ATT&CK Mobile Profile.
- Cyber threat intelligence starts with collecting a lot of data and information. It includes these steps: establishing an intelligence priority framework, collaborating with intelligence sources, consulting with threat intelligence experts, and then coming to a conclusion on the solution.
- New technologies come knocking at the door almost every quarter; however, it is important to understand the effectiveness and purpose of a specific technology before it is given a chance. Security stakeholders should take part in privately held security conferences and popular public forums, including the RSA Conference, Black Hat Conference, DEFCON Hacking Conference, Cloud Security Expo, SANS Summit, Infosecurity Europe, World Cybersecurity Congress, Infosec World, the International Conference on Cybersecurity, and many more. CISOs and CSOs should also consider joining some of the independent security research companies, such as Gartner and Forrester.