welcome to model to less than three
In this lesson, we will explore how attack can help us produce and track various cyber security metrics
and appreciate the types of questions that these metrics can help us address.
A very common but also very hard question to answer is, how can we measure our cybersecurity posture?
Because it has been no cyber security is not an easy value to quantify,
but our ability to track progress
and growth over time is vital for cybersecurity success.
And this is where attack comes in. We can use attack to produce a quantitative scorecard that helps us understand where we are today and where we need to be. Tomorrow,
we can document our priorities by highlighting the techniques that are most critical for us to defend.
We can also identify gaps by selecting the subset of techniques that we have defenses for.
In this process, analysis
can inform decision making, particularly in this case, by comparing what techniques are most important to us, with what technically defenses for we can identify where we need to improve.
And that was just one notional and very simple way of using attack a quantitative scorecard.
We can do a similar approach for the various other metadata attack,
such as data sources, detection and analytics, mitigations
And with that, we've reached our knowledge. Check for less than three
attack will explicitly provide a score of how safe your organization's defenses are.
Please positive video and take a second to think of the correct answer before proceeding.
In this case, the correct answer is false.
Attack provides a means of creating a quantity of scorecard,
but it's up to you to provide the input and the analysis.
And with that, you reached the end of less than three.
In summary, we can use attack to build quantitative score cards that enable us to ask tough questions and measure how our defenses compare against real adversary behaviors.