Threat-Informed Defense for the Financial Sector
Connect adversarial threat mitigations to cybersecurity program resources tailored to the financial sector, namely the Cyber Risk Institute …
April 10, 2024
Project Summary
M3TID leverages threat understanding to improve a security program by creating an actionable definition of threat-informed defense and its associated key activities, and a formalized approach to measure your threat-informed defense. This maturity model complements existing cybersecurity maturity models by incorporating a measure of how well threat information is leveraged.
Leveraging knowledge of cyber threats to prioritize the allocation of limited resources is one of the most impactful and efficient ways to reduce overall risk.
Problem
Using a threat-informed defense is one of the most effective ways to defend yourself against cyber-attacks, yet there is no definitive guidance on how to create and mature a threat-informed defense.
Solution
Create a foundational resource that defines threat-informed defense, all of its components, and develop a solution to measure, maximize, and mature threat-informed defense.
Impact
Organizations can strategically enhance their cybersecurity capabilities, optimize resource allocation, and improve defenses against cyber-attacks, contributing to a stronger and more resilient infrastructure.
Funding Research Participants
Explore More of Our Work:
Ambiguous Techniques
Building upon the research of Summiting the Pyramid, Ambiguous Techniques is a methodology to determine malicious intent behind seemingly benign …
Prioritize Known Exploited Vulnerabilities
Prioritize Known Exploited Vulnerabilities shows defenders how to take a threat informed approach to vulnerability management.
Stay Informed
Sign up for our "Stay Informed" mailing list to receive announcements for project publications, upcoming events, and other news about the Center.