In cybersecurity, nation states, cyber criminals, hacktivists, and rogue employees are the usual suspects. They fit nicely into categories like external attackers or insider threats. But what about our essential suppliers, partners, and service providers? We rely on them, sometimes inviting them in to help manage our networks and internal systems. It’s easy to overlook them as … [Read more...] about MITRE ATT&CK: The Magic of Segmentation
MITRE
MITRE ATT&CK: The Magic of User Training
October is National Cybersecurity Awareness Month, and this year the theme is “Do Your Part. #BeCyberSmart.” It reminds all of us — individuals and organizations alike — to be proactive and accountable. Cybersecurity is our shared responsibility, and we can do it together. At Cisco, we’re thrilled to contribute a monthlong roster of engaging events, activities, and educational … [Read more...] about MITRE ATT&CK: The Magic of User Training
MITRE ATT&CK: The Magic of Endpoint Protection
In our first blog, we introduced the Magic of Mitigations. They’re the key to getting started with MITRE ATT&CK. Now let’s look at some of the most magical ones, starting today with Behavior Prevention on Endpoint (M1040), Exploit Protection (M1050) and Execution Prevention (M1038). Wait, what’s the difference? At a quick glance, they might all sound about the same. So … [Read more...] about MITRE ATT&CK: The Magic of Endpoint Protection
MITRE ATT&CK: The Magic of Mitigations
That “aha!” moment doesn’t always happen right away. When learning new things, sometimes we need to slow down and take it all in. For me, understanding MITRE ATT&CK was like that. Sure, the notion of thinking like an attacker made sense, and its structure was clear. Then came the “now what?” moment. Soon I discovered the key to getting started. May I share it with … [Read more...] about MITRE ATT&CK: The Magic of Mitigations