AttackIQ’s Automated Threat-Informed Defense Approach is Transforming Cybersecurity

Each year, Credit Suisse selects companies that are pioneering disruptive changes in traditional enterprise information technology. I’m humbled and honored to share that Credit Suisse included the AttackIQ Security Optimization Platform as one of five transformational technologies, in company with Immuta, MURAL, Unravel Data, and WalkMe, in the third annual Disruptive Technology Recognition (DTR) Program.

“In today’s business and threat landscape, AttackIQ’s unique approach to cybersecurity is much needed,” said Chandler Clayton, Americas Chief Information Security Officer at Credit Suisse. “DTR program is intended to recognize technologies that are poised to disrupt traditional business practices, and with AttackIQ’s broad applicability across industries, its security solutions certainly fit the bill. Many technologies that have been considered transformational in recent years have been rooted in automation and for good reason — it’s time that cybersecurity risk measurement is automated as well, and AttackIQ is paving the way for this pivotal change.”

This past year brought a unique set of challenges, with the global pandemic forcing rapid shifts to remote work and tightening IT budgets as companies faced economic losses–highlighting the need for innovative and agile solutions. This recognition from one of the world’s leading financial services providers and advocates for transformational technology validates our approach to helping customers automate threat-informed defense to improve the effectiveness and efficiency of their cybersecurity programs.

In 2020, we saw firsthand what can happen when businesses and governments lack visibility into their security control effectiveness. The SolarWinds supply chain attack on U.S. government agencies and private companies shows why a proactive approach to cybersecurity is so important. By leveraging up-to-date threat intelligence about adversary tactics, techniques and procedures (TTPs) to facilitate threat-informed defense operations, organizations greatly improve their preparedness against attack.

The SolarWinds incident also signifies an escalation in the sophistication of cyberattacks. Advanced nation-state actors have the financial resources, personnel and time to invest in developing novel approaches to intrusion and will continuously evolve their attack methods to infiltrate organizations. As a result, government agencies and private-sector organizations alike must ensure their security controls are prepared to keep up. This requires a program of automated security control validation. By deploying assessments and adversary emulations against security controls at scale in the production environment, our AttackIQ Security Optimization Platform allows customers to determine whether their controls are detecting and preventing attacks, as intended.

Staying abreast of attacker behavior can’t be done in a silo–it takes a community approach to continuously learn about new adversaries and evolve defenses appropriately. That is why we work collaboratively with customers and partners to share knowledge and best practices. AttackIQ was a founding research member of the MITRE Engenuity Center for Threat-Informed Defense, which brings together leading security teams from around the world to identify and solve critical cyberdefense problems, then freely share results with the community. We created the Preactive Security Exchange to work jointly with other security vendors to be proactive about preventable failure. Our Informed Defenders Executive Council brings together chief information security officers and technology leaders to share industry best practices. Earlier this year we launched the AttackIQ Academy to accelerate the practice of threat-informed defense and arm security practitioners with current, practical cybersecurity skills. We offer courses and learning paths at no charge on industry topics such as MITRE ATT&CK, Purple Teaming, Breach and Attack Simulation, Cyber Threat Intelligence and Security Leadership. To accelerate customer success, we also offer AttackIQ Blueprints — step-by-step guides on how to optimize security programs.

AttackIQ’s mission is to make the world safe for compute by providing the missing element in a security program: feedback on controls effectiveness. That mission is even more relevant as organizations face an even tougher cybersecurity threat environment in 2021. We execute on this mission each and every day by delivering our Security Optimization Platform, developing deep industry partnerships, and enabling security optimization practice enablement.

I encourage you to join us, as part of our community of 10,000+ Academy student practitioners, and learn how to adopt a threat-informed defense. academy.attackiq.con

The post AttackIQ’s Automated Threat-Informed Defense Approach is Transforming Cybersecurity appeared first on AttackIQ.

*** This is a Security Bloggers Network syndicated blog from Blog – AttackIQ authored by Brett Galloway. Read the original post at: https://attackiq.com/2021/01/12/attackiqs-automated-threat-informed-defense-approach-is-transforming-cybersecurity/