Quantitative Scorecard

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
1 hour
Difficulty
Beginner
CEU/CPE
2
Video Transcription
00:00
>> Welcome to Module 2,
00:00
Lesson 3, quantitative scorecard.
00:00
In this lesson, we will explore how
00:00
ATT&CK can help us produce and track
00:00
various cybersecurity metrics and
00:00
appreciate the types of
00:00
questions that these metrics can help us address.
00:00
A very common but also very hard question to answer,
00:00
is how can we measure our cybersecurity posture?
00:00
Because as we know, cybersecurity
00:00
is not an easy value to quantify,
00:00
but our ability to track progress and growth
00:00
over time is vital for cybersecurity success.
00:00
This is where ATT&CK comes in.
00:00
We can use ATT&CK to produce
00:00
a quantitative scorecard that
00:00
helps us understand where we are
00:00
today and where we need to be tomorrow.
00:00
For example, we can document our priorities
00:00
by highlighting the techniques
00:00
that are most critical for us to defend.
00:00
We can also identify gaps by selecting
00:00
the subset of techniques that we have defenses for.
00:00
This process analysis can inform decision-making,
00:00
particularly in this case,
00:00
by comparing what techniques are most important to us,
00:00
with what techniques we have defenses for.
00:00
We can identify where we need to improve.
00:00
That was just one notional and very simple way
00:00
of using ATT&CK as a quantitative scorecard.
00:00
We can do a similar approach for
00:00
the various other metadata ATT&CK,
00:00
such as data sources,
00:00
detections and analytics, mitigations and more.
00:00
With that, we've reached
00:00
our knowledge check for Lesson 3.
00:00
True or false, ATT&CK will explicitly
00:00
provide a score of how
00:00
safe your organization's defenses are.
00:00
Please pause the video and take a second to
00:00
think of the correct answer before proceeding.
00:00
In this case, the correct answer is false.
00:00
ATT&CK provides means of
00:00
creating a quantitative scorecard,
00:00
but it's up to you to provide
00:00
the inputs and the analysis.
00:00
With that we've reached the end of Lesson 3.
00:00
In summary, we can use ATT&CK to
00:00
build quantitative scorecards that enable
00:00
us to ask tough questions and measure how
00:00
our defenses compare against real adversary behaviors.
Up Next