Predict your next investment

INTERNET | Internet Software & Services / Monitoring & Security
cisecurity.org

Founded Year

2000

About Center for Internet Security

Center for Internet Security (CIS) is a non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats.

Center for Internet Security Headquarter Location

31 Tech Valley Drive

East Greenbush, New York, 12061,

United States

518-266-3460

Latest Center for Internet Security News

Improving Cybersecurity With MITRE ATT&CK Framework

Dec 1, 2021

In my previous blog posts, I’ve talked about the NIST CSF and another framework from the nonprofit Center for Internet Security (CIS), which has a smaller set of controls to help companies and organizations secure their environments. Now, I want to talk about the MITRE ATT&CK framework. But let’s start at the beginning: First, who is MITRE and what does ATT&CK mean?

MITRE is a nonprofit organization that manages federally funded research and development centers that develop computer-related tools. They research issues for various U.S. agencies that deal with aviation, health care, homeland security (DHS) and others. ATT&CK is a framework that helps cybersecurity teams—both red and blue—figure out how threat actors gain access to computers and systems and what they do when they gain that access. ATT&CK stands for Adversarial Tactics, Techniques & Common Knowledge. Think of it as a playbook that an adversary uses to break into your mobile phone, tablet, computer or computer system. The ATT&CK framework is like having your opponent’s playbook in a football game. Every organization has limited resources, and knowing where to focus your attention helps you use those resources more effectively. The framework is free and was first published in 2015, so it is well known in cybersecurity circles.

Here is an example of how to use it: Imagine you are a nonprofit that supports human rights. Because of what you do, you will be targeted by certain threat actors. As a nonprofit, you have few resources to devote to cybersecurity, so you search ATT&CK for malicious actors who target organizations like yours and see what techniques they tend to use. The ATT&CK index identifies malicious actors and who they tend to attack. In your search of the ATT&CK site, you see that a group known as APT18 targets human rights groups and tends to focus on external remote services, like a VPN or a Citrix server, rather than phishing emails to gain access to computer systems.

As you review one of the techniques APT18 uses, you learn about Technique T1133; attackers often use valid credentials they acquired using pharming or by breaching the network through an external-facing remote service. Then, you read the ways to mitigate that threat. You can now focus your limited resources on mitigation techniques for remote services to help block that threat actor. If you look at APT18, you’ll see that they tend to use eleven techniques to gain access. ATT&CK has identified those techniques as well as how to mitigate those threats.

The framework is useful for beginner, intermediate and advanced security teams because it has the technical depth to grow and mature your security posture. If you are just starting your cybersecurity journey, you will quickly discover that you need to log what is happening on your network, on your computers and systems to know what to look for and where. Are you looking for malicious network traffic or unusual activity on your mobile devices and Windows and Mac computers? Are you checking your firewall logs, your antivirus logs and your system event logs for suspicious activity? If you are not logging that information in a central server, you will have a hard time finding the threats to your network—or those that are already present! In my next blog post, I’ll talk about getting all those log files together so you can go searching for malicious activity.

Expert Collections containing Center for Internet Security

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

Center for Internet Security is included in 1 Expert Collection, including Conference Exhibitors.

Conference Exhibitors

5,302 items
