Detecting Cyber Threats with ATT&CK-based Analytics

HIMSS18: Protecting Data and Devices

Wednesday, March 7, 2018, 10:00AM–11:00AM PT
Location: Marcello 4401; Session 123

Despite the growing use of cyber threat-based defenses, breaches still occur and detecting them remains difficult. Once an attacker penetrates a network, there are numerous ways to remain hidden. Common means of identifying post-compromise cyber attacker “footprints” have been elusive until now. The Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK™) family of models, developed for public use by the MITRE Corporation, provides a methodology for characterizing and describing the actions an adversary may take while operating on specific platforms within an enterprise network. The U.S. Department of Health and Human Services (HHS) and the National Health Information Sharing and Analysis Center (NH-ISAC) have embraced the ATT&CK methodology. They are co-leading an effort to develop ATT&CK-based analytics for use within the healthcare sector. This session will explain the ATT&CK family of models in detail and describe the healthcare ATT&CK-based analytic developments.

MEET the Experts

Denise Anderson

Speaker, President
NH-ISAC

Julie Connolly, CISSP

Co-Speaker, Principal Cybersecurity Engineer
MITRE
