It’s not enough to cast a wide cybersecurity net and hope you catch the adversaries trying to compromise your data. Instead, you need to narrow your focus to make your efforts truly impactful.
But which of the countless potential cybersecurity attacks out there should you choose to prioritize? MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework and the Center for Internet Security’s CIS Controls are two industry-leading sources that clearly state which cybersecurity best practices organizations and agencies should heed.
- MITRE is a not-for-profit organization that operates federally funded research and development centers. Its ATT&CK framework is a useful cybersecurity model illustrating how adversaries behave and explaining the tactics you should use to mitigate risk and improve security.
- The Center for Internet Security (CIS) is a nonprofit organization that sources knowledge from IT experts around the world. The CIS Controls v8 is a list of 18 critical security controls, each prioritized to help protect against attack vectors.
How MITRE ATT&CK and CIS Controls Intersect
Both the MITRE ATT&CK framework and the CIS Controls provide the crucial intelligence you need in order to maintain a strong cybersecurity stance. Where MITRE focuses on specific actions taken by adversaries in an enterprise network and shows you how to combat them proactively, CIS lays out a step-by-step process for securing your data in terms of configuration management and other system hardening processes.
Both empower you to take charge of the safety of your data and systems. All in all, these are two distinct models addressing similar issues. It’s not a matter of picking which institution’s guidelines to follow: you should be using both of these resources simultaneously and checking your alignment with them often.
Tripwire solutions can help address a number of these best practices and areas, including 14 of the 18 CIS Controls. In this document, we focus on the Controls that have the greatest overlap with MITRE ATT&CK and Tripwire capabilities.