Assessing MITRE ATT&CK Risk Using a Cyber-Security Culture Framework
Sensors (IF 3.4), Pub Date: 2021-05-09, DOI: 10.3390/s21093267
Anna Georgiadou 1 , Spiros Mouzakitis 1 , Dimitris Askounis 1

The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework provides a rich and actionable repository of adversarial tactics, techniques, and procedures. Its innovative approach has been broadly welcomed by both vendors and enterprise customers in the industry. Its usage extends from adversary emulation, red teaming, and behavioral analytics development to defensive gap and SOC (Security Operations Center) maturity assessment. While extensive research has been done on analyzing specific attacks or the specific organizational culture and human behavior factors leading to such attacks, a holistic view of the association between the two is currently missing. In this paper, we present our research results on associating a comprehensive set of organizational and individual culture factors (as described in the cyber-security culture framework we developed) with security vulnerabilities mapped to specific adversary behavior and patterns utilizing the MITRE ATT&CK framework. We thus exploit MITRE ATT&CK's possibilities in a scientific direction that has not yet been explored: security assessment and defensive design, a step prior to its current application domain. The suggested cyber-security culture framework was originally designed to aim at critical infrastructures and, more specifically, the energy sector. Organizations in these domains exhibit a co-existence and strong interaction of the IT (Information Technology) and OT (Operational Technology) networks. As a result, we focus our scientific effort on the hybrid MITRE ATT&CK for Enterprise and ICS (Industrial Control Systems) model as a broader and more holistic approach. The results of our research can be utilized in an extensive set of applications, including the efficient organization of security procedures as well as enhancing security readiness evaluation results by providing more insights into imminent threats and security risks.

Updated: 2021-05-09