Mitre on Wednesday released a new communication and planning framework for cyber adversary engagement that focuses on deception and denial. The new framework called Engage, according to Mitre, will help CISOs and other cybersecurity leaders, vendors, defenders, and the cybersecurity community as a whole to implement comprehensive defense strategies to protect the digital assets under their watch.
What is Mitre’s new Engage framework all about?
Here are some of the highlights of the new framework:
- It is essentially designed to shrink barriers to better cybersecurity planning and analysis by enabling the development of a coherent institutional anti-cyber adversarial strategy.
- Unlike frameworks that propose one barrier (often at the perimeter level), the Engage framework proposes blocking an intrusion as a first step and engaging and deceiving an adversary if they have managed to cross the entry threshold
- In this sense, the Engage framework is essentially proposing a multi-pronged strategy to protect enterprises
- It can help defenders identify a cyber adversary’s weaknesses while using a specific ATT&CK technique. This weakness can then be used against the adversary to degrade the quality of attack
- It proposes to engage the adversary through deception operations to reduce the cost of a data breach, keep the attacker engaged in wasteful endeavors and make the attack easier to detect and target
- It is oriented towards making cyber adversaries fail early so that they are led into a decoy alley from which it will be hard for them to escape and strike back at core assets
- CISOs can use Engage to plan better, in-house cybersecurity teams can use it to deploy better protective measures while cybersecurity vendors can align their products to it to improve defense outcomes
- The Engage toolkit includes a guidebook, starter kit, worksheets, posters, and other resources designed to help improve the adoption of the framework
- The framework also standardizes technology terms to make it easier for cross-geography teams to collaborate. It is also designed to engage the relatively less experienced user as well
As businesses grow in scale, it is essential to deploy some level of deception to deflect attacks away from core digital infrastructure. Deception helps not just in keeping attacks at bay but also in studying the behavior of an attacker. With cyberattacks on IoT deployments and OT devices increasing by the day, deception could be one solution to contain attacks and limit the damage caused by a breach.
To learn more on how your enterprise can deploy a unique cyber protection strategy for your core assets, talk to our cyber experts today.
If you wish to learn how the threat environment has changed in 2021 and its implications for your business, we encourage you to read the 2022 IoT and OT Threat Landscape Assessment and Analysis Report In the aftermath of the Russia-Ukraine conflict, cyberattacks have gathered momentum. Try out our IoT and OT threat intelligence feeds for free today to improve your threat hunting and risk management measures
For more informational content, subscribe to our weekly updates and be notified at the latest.
Try our rich OT and IoT-focused cyber threat intelligence feeds for free, here: IoT and OT Focused Cyber Threat Intelligence
Planning to upgrade your cybersecurity measures? Talk to our IoT and OT security experts here: Reach out to sectrio.