Before an Attack
MITRE has curated a number of resources to aid you in preparing.
The end-to-end workflow consists of several steps; the precise steps can be customized to your specific situation.
These actions align with the NIST Cybersecurity Framework stages of Identify, Protect, and Detect.
In addition, collaboration with industry groups and public-private partnerships will give you greater insight into risks and potential mitigations.
Steps
Identify
- ATT&CK
- Caldera
- Assessments
- CORA
- Crown Jewels
- Exercises
Protect
- Architecture
- Operations
- Device Pre-Certs
- Deception
- Data Security
Detect
- Sensors
- Analytics
- Data Analysis
- AI/ML
- Alerting
Respond
- Playbook
- Targeted Analytics
- Signature Dev’t
- Resilience
Recover
- Cleanup
- Data Recovery
- Reporting