The success of every cyberattack today rests solely on what kind of user accounts the bad guys can get their hands on. The goal is to achieve elevated levels of access, whether accomplished by obtaining and abusing existing account credentials or by leveraging vulnerabilities to bypass User Account Control.
In the past few years, we’ve seen a massive development in cybersecurity frameworks designed to provide organizations with strategic guidance on how to best secure environments against the ever-changing face of cyberthreats. But how do you turn cybersecurity frameworks like NIST 800-171, CMMC, ISO 27001, and CIS Critical Security Controls into practical and actionable steps to improve your organization’s cybersecurity stance and protect against specific tactics, techniques, and procedures (TTPs) outlined in MITRE?
In this real-training-for-free session, Microsoft MVP and cybersecurity expert Nick Cavalancia discusses:
- Which cybersecurity frameworks should you be paying attention to?
- Compliance vs. Security: Why frameworks and MITRE aren’t (and never will be) aligned
- Attempting to map framework controls and objectives with MITRE TTPs
Rem Jaques, Senior Engineer – Compliance Research, from LogRhythm will also join Nick. Rem provides an outline of MITRE TTP T1078: Valid Accounts, covering related procedures, mitigations, and detection methods via LogRhythm SIEM with practical implementation through detections for privilege escalation and brute force authentication. Rem then displays related account management and access control objectives found in major compliance frameworks and provides insight on how these objectives overlap and intersect with MITRE.
Watch on-demand now!