Page 196 - Cyber Defense eMagazine September 2023
P. 196
Why It’s More Important Than Ever to Align
to The MITRE ATT&CK Framework
By Michael Mumcuoglu, CEO & Co-Founder, CardinalOps
As we approach the second half of a year punctuated by ransomware and supply chain attacks, a top
concern on nearly everyone’s mind is security budgets. A closely-related topic is management-level
reporting. With strong economic headwinds, how do we effectively report our security posture to
executives and boards in order to demonstrate effective use of our limited resources?
A big part of this is rethinking how security executives approach reporting. Typically, the report to the
board has been around metrics like mean time to detect (MTTD) and mean time to respond (MTTR).
However, MTTD and MTTR metrics only describe how good your team is at responding to attacks after
you have detected them, but they’re missing critical information about which attacks were never – and
will never be – detected in the first place.
Cyber Defense eMagazine – September 2023 Edition 196
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.