Aligning Security Controls with Leading Cybersecurity Frameworks

Presented by

Nick Cavalancia and Rem Jaques

About this talk

The success of every cyberattack today rests solely on what kind of user accounts the bad guys can get their hands on. The goal is to achieve elevated levels of access, whether accomplished by obtaining and abusing existing account credentials or by leveraging vulnerabilities to bypass User Account Control. In the past few years, we’ve seen a massive development in cybersecurity frameworks designed to provide organizations with strategic guidance on how to best secure environments against the ever-changing face of cyberthreats. But how do you turn cybersecurity frameworks like NIST 800-171, CMMC, ISO 27001, and CIS Critical Security Controls into practical and actionable steps to improve your organization’s cybersecurity stance and protect against specific tactics, techniques, and procedures (TTP) outlined in MITRE? In this real-training-for-free session, Microsoft MVP and cybersecurity expert Nick Cavalancia discusses: - Which cybersecurity frameworks should you be paying attention to? - Compliance vs. Security: Why frameworks and MITRE aren’t (and never will be) aligned - Attempting to map framework controls and objectives with MITRE TTPs Rem Jaques, Senior Engineer – Compliance Research, from LogRhythm will also join Nick. Rem provides an outline of MITRE TTP T1078: Valid Accounts, covering related procedures, mitigations, and detection methods via LogRhythm SIEM with practical implementation through detections for privilege escalation and brute force authentication. Rem then displays related account management and access control objectives found in major compliance frameworks and provide insight on how these objectives overlap and intersect with MITRE. Watch on-demand now!
Related topics:

More from this channel

Upcoming talks (8)
On-demand talks (259)
Subscribers (77041)
LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency. With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at