2nd Edition

Tracking the trends and news for IT and IT Security

Paul Davis

Security framework to determine whether defenders are winning | TechTarget

Security framework to determine whether defenders are winning | TechTarget>
Tech Target – Alexander Culafi
In a session titled “Is Defense Winning?” at Black Hat 2024, Jason Healey, a senior research scholar at Columbia University’s School for International and Public Affairs, will present a framework he’s developing to determine the success of defenders in the long-standing battle against cybercriminals
Healey discovered the need for such a framework during his research, realizing that the attacker advantage has been a challenge for security practitioners for 50 years
The culture began moving more in the direction of improving national defense with the release of the White House’s National Cybersecurity Strategy in March 2023) Although some indicators suggest that defenders are improving, the goal is to shift the balance of the eternal battle between defenders and adversaries back in favor of the defenders
This involves enhancing the data used to assess the performance of both sides, which is where Healey’s framework comes into play
The framework is a series of indicators and data points, some of which are already tracked, such as mean time to detect
Healey proposes developing additional data points, such as “mean time between catastrophes,” tracking zero-day activity, and the impact and severity of cyberattacks
The framework aims to determine how aggressively threat actors are forced to adapt to defender behavior
If defenders are doing a better job disrupting adversaries, Healey expects to see more frequent adversary turnover in their tactics, techniques, and procedures (TTPs), a decrease in the use of the easiest TTPs, and an increase in the use of more difficult, expensive, and costly TTPs
Ultimately, the push and pull between adversaries and defenders will likely never end
The goal is to create a standard where threat actors are forced to adapt to defenders and exert maximum effort rather than the other way around
Healey emphasizes that defense will never win, but the aim is to move towards a defensive advantage.
Link: https://www.techtarget.com/searchsecurity/news/366599814/Security-framework-to-determine-whether-defenders-are-winning

Categories:

Tags: