Augmenting SMB Defense Strategies With MITRE ATT&CK: A Primer

Any organization can use MITRE ATT&CK as a force multiplier, but it's especially valuable for small ones.

Despite not having the resources a Fortune 500 company has to detect and defend against external threats, small to midsize businesses are facing the same risks. Almost one in three data breaches in 2020 involved small businesses, and this number is not going down anytime soon as threat actors seek to exploit the work-from-home and cloud trends.


But faced with this ever-changing and expanding threatscape, how can a small IT security team take a few steps that can have a big impact?  


The best way to stay ahead of attacks is to understand them, learn to predict them, and have a plan in place to deal with them. The MITRE ATT&CK framework is exactly the place to start.  


What Is the MITRE ATT&CK Framework?

The ATT&CK framework (ATT&CK stands for Adversarial Tactics, Techniques, & Common Knowledge) is a public knowledge base of attack techniques based on real-world observations. Developed by MITRE, a not-for-profit organization that manages federally funded research and development centers supporting US government agencies, this framework enables security defenders to block tactics with faster response and more accurate remediation. It contains data and mitigation methods for more than 90 threat actors and almost 300 of their distinctive threat techniques.


While any organization can benefit, this is particularly useful for small businesses' security teams, threat hunters, and security operations centers (SOCs) that don't have the time and resources needed to develop their own framework. Instead, they can leverage the framework as a foundational backbone to investigate, validate, and compare attacks on the ..
