Join us for a CTA Fireside Chat, The Power of Collaboration: Creating Adversarial Playbooks to Disrupt Malicious Actors. In this webinar, Rick Howard, CSO and Chief Analyst at CyberWire, and Michael Daniel, President and CEO of CTA, discuss adversary playbooks and how threat sharing like CTA enables makes them possible.
Protecting the digital ecosystem requires a number of tools. One of those tools is an Adversary Playbook. Behind every cyber intrusion or attack is a human or group of humans. These threat actors, regardless of their motivation, have a goal and they must successfully negotiate a series of steps to complete their mission. The complete collection of tools, tactics, and techniques that adversaries use to achieve their goal is the adversary’s attack playbook. If the cybersecurity community and network defenders can figure out these playbooks, they can make their defensive activities more effective and impose increased costs on our adversaries.
How can we figure out these playbooks? Collaboration is key. Since no one company has complete visibility into an adversary, the cybersecurity industry must work together to create and communicate adversary playbooks. The Cyber Threat Alliance was designed specifically to enable this kind of collaboration. CTA membership brings visibility into threats across the various information and communications technology systems, such as endpoint devices, network infrastructure, mobile devices, and ICS/SCADA systems, or threats that vary across verticals and regions. Our business rules and sharing platform enable the rapid (and equitable) sharing of this threat intelligence across our diverse membership. Thus, CTA can enable members to take the playbook from a concept to a reality more effectively.