The State of MITRE ATT&CK Threat-Informed Defense in 2021

In today's remote work environment and increasing attacks, surprisingly about half of organizations are either decreasing their training budgets or keeping them the same. To better prepare modern cybersecurity professionals against agile and evasive adversaries, MITRE ATT&CK Defender™ (MAD) focuses on teaching and validating the real-world application of ATT&CK in threat-informed defense. With 82% of professionals saying they would like to learn more about how to apply ATT&CK to their work, it’s clear security and IT professionals are committed to developing their skills. This survey shows many practitioners have struggled to confidently and practically apply it in their work to gain an advantage. The full report uncovers more insights about the MITRE Framework and it's current and potential impact for cybersecurity and IT organizations.

Highlights from the report show:

• 73 percent of respondents found it valuable to have credentials validating mastery in applying ATT&CK, while 70 percent of hiring managers seek out employees who have the skill to apply it;
• Only 24 percent say they have in-depth knowledge of ATT&CK and have begun to apply it in their work;
• 65 percent of managers agreed that skills gaps have a negative impact on their team’s effectiveness;
• 18 percent of individuals know nothing at all about the MITRE ATT&CK Framework.

“Over the years, we’ve seen the security community embrace our MITRE ATT&CK framework, but many practitioners have struggled to confidently and practically apply it in their work to gain an advantage. With the launch of MAD, practitioners will have access to learn and master the application of the ATT&CK knowledgebase to get ahead of adversaries,” said Steve Luke, Director of Content for MITRE ATT&CK Defender™. “In partnership with Cybrary, we’re confident in the ability to strengthen the community and make a positive impact in shrinking the skills gap.”