There’s not much any IT organization can do to prevent cybersecurity attacks from being launched. The best that can be hoped for is that the majority of these attacks will be blocked by the defenses they have put in place. Removing the malware that gets past those defenses then becomes a game of cat and mouse that comes down to how fast the organizations can remediate a breach after it has been detected. To enable IT organizations to respond faster to a breach, AttackIQ has extended FireDrill, a platform through which organizations can simulate various types of malware attacks to include support for an ATT&CK Matrix model for tracking adversary behavior developed by MITRE Corp.
AttackIQ CEO Stephan Chenette says FireDrill provides a mechanism through which organizations can validate how good their security processes are today.
“Most organizations have no idea how effective the security products they’ve bought really are,” says Chenette.
Chenette says AttackIQ is now providing insights into those capabilities using a model developed by MITRE that has become a de facto standard within the IT security community. The goal is to apply data-driven analysis to cybersecurity processes and technologies that are all too often evaluated on a subjective basis, says Chenette.
As the percentage of IT spending being consumed by IT security continues to increase, many business leaders are concerned that the allocation of those funds is taking dollars away for IT projects that otherwise could be used to fuel digital business innovation projects. Cybersecurity professionals, meanwhile, often find themselves making a case for allocating money to defend an organization from a theoretical threat without much in the way of supporting evidence. Most of them can’t even demonstrate how effective their existing investments in cybersecurity have been, much less whether they were consistently applied. Despite all the cybersecurity defenses they might have, all it takes is one incident for everyone inside that organization to start questioning their competency. That issue is a contributing factor to why there is a lot of turnover in the cybersecurity leadership ranks.
The FireDrill platform doesn’t directly improve cybersecurity. But it can go a long way toward increasing the resiliency of both the IT environment itself as well as protecting the careers of the cybersecurity professionals tasked with managing it.