Threat Landscape
Cybersecurity Controls
Enterprise Top Risks and Programs
Att&cks
Terminology and Concepts
100

This is a daily process to analyze the potential impact of external events and internal changes on the enterprise's cybersecurity profile.

What is the Threat Vulnerability Assessment (TVA) App?

100

These are activities performed by systems or people to prevent, detect, correct, or minimize risks and increase the likelihood that established objectives and goals will be achieved.

What are cybersecurity controls?

100

The controls for this top cyber risk address the significant risk of credential theft, data loss and device/system outages due to malware, phishing campaigns, and spoofed email.

What is email security?

100

The MITRE ATT&CK Framework reflects phases of this, also known as the attack cycle.

What is the cyber kill chain?

100

According to Microsoft, enabling this can prevent 99.9% of account compromise attacks.

What is multi-factor authentication (MFA)?

200

Typically 75% of attacks at corporations, like Pfizer, start from this type of attack.

What is (email) phishing?

200

Alerting and monitoring for users escalating this is a key control in the IAM/PAM program, measured as the precision of the escalation alerts.

What are privileges?

200

This is a framework of business processes, policies and technologies that facilitates the management of identities.

What is Identity and Access Management?

200

This MITRE ATT&CK tactic is commonly associated with insider threat.

What is data exfiltration?

200

This JavaScript attack via the browser can allow a user’s session to be hijacked or redirected to a malicious site.

What is cross-site scripting?

300

These 3 risks have recently ranked among the top 3 Top Cyber Risks.

What are IT Hygiene, Cloud Security, and Ransomware?

300

Controls for application security testing, software composition analysis, defect management, and penetration testing all fall under this program.

What is Software Security?

300

Incomplete inventory and out-of-date software are major components of this top cyber risk.

What is IT Hygiene?

300

Beaconing is an early indication of this type of infection.

What is malware?

300

This phrase means to begin software development with security in mind, rather than tack it on later.

What is start left?

400

This month marks the beginning of DDoS season.

What is September?

400

The following top key control mitigates this top cyber risk: "System backup testing is carried out on a scheduled, periodic basis according to the criticality of the system. Testing verifies backup media reliability and information integrity."

What is Ransomware?

400

These programs are part of Identity and Access Management (IAM).

What are User Behavior Analytics (UBA), Next Generation Authentication (NGA), Privileged Access Management (PAM), and Dynamic Provisioning?

400

These describe the behavior of a cyber attacker and form the structure for the MITRE ATT&CK Framework.

What are tactics, techniques, and procedures (TTP)?

400

This is a list of publicly disclosed vulnerabilities and exposures that is maintained by MITRE.

What is Common Vulnerabilities and Exposures (CVE)?

500

Bots will identify and attempt to hack a server within this timeframe of it being accessible over the internet.

What is a minute?

500

These are unique, creative controls developed by understanding threat actor tactics and applying innovation in security control design, beyond simple compliance with industry risk frameworks.

What are unconventional controls?

500

These are black-belt developers at MM who work with the Software Security Group to ensure that security practices and procedures are designed and built into the development team’s day-to-day processes and procedures.

What are security mavens?

500

This is a strategy used by malicious actors to hide their command and control channels.

What is DNS fluxing?

500

This is a system widely used in vulnerability management programs and indicates the severity of an information security vulnerability, consisting of three component metrics: base, temporal, and environmental.

What is the Common Vulnerability Scoring System (CVSS)?