Detecting Cyber Threats with ATT&CK-based AnalyticsHIMSS18: Protecting Data and Devices
Wednesday, March 7, 2018, 10:00AM–11:00AM PT
Location: Marcello 4401; Session 123
Despite the growing use of cyber threat-based defenses, breaches still occur and detecting them remains difficult. Once an attacker penetrates a network, there are numerous ways to hide undetected. Common means to identify post-compromise cyber attacker “footprints” have been elusive until now. The Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK™) family of models, developed for public use by the MITRE Corporation, provides a methodology for characterizing and describing the actions an adversary may take while operating on specific platforms within an enterprise network. The U.S. Department of Health and Human Services (HHS) and the National Health Information Sharing and Analysis Center (NH-ISAC) have embraced the ATT&CK methodology. They are co-leading an effort to develop ATT&CK-based analytics for use within the healthcare sector. This session will explain the ATT&CK family models in detail and describe the healthcare ATT&CK-based analytic developments.
MEET the Experts
HOW to Engage With Us
Do you have expertise and want to help? By working through these challenges together we can solve problems for a safer world.
KEEP in Touch
Want us to let you know when we’ve published a paper, video or link to the latest information on our health research?