About Us Our Work Employment News & Events
MITRE Remote Access for MITRE Staff and Partners Site Map
  Home > Our Work > Mission Areas > Cybersecurity >

Cybersecurity -- Strengthening Cyber Defense
   
Home
About
Leadership
Thinking
Forward
Contact Us
Focus Areas
Situation
Awareness
Resiliency
Threat-Based
Defense
Partnership
Innovation
Blog:
Cyber Depot
Resource
Center
Research
Standards
Tools
Awareness
& Training
Library
Learn more about MITRE's free mobile app

Thinking Forward

Current Cybersecurity Approaches are Becoming Ineffective

Many organizations try to deal with cybersecurity threats by focusing inwardly. They conduct vulnerability assessments, attempt to map out their networks in detail, and try to put in place robust patch-management processes. The focus is on compliance with regulations and efforts to monitor networks and systems continuously. While this approach has some benefits, it is ineffective against many cyber threats.

Gary Gagnon

Senior Vice President and Chief Security Officer Gary Gagnon describes evolving threat-based defense concept to MITRE staff.

There are several reasons for this. Most corporate networks are too large and complex to comprehensively map out; it's simply too difficult to identify all of the assets on such large networks. It's equally difficult to identify all of the vulnerabilities on such networks; there are always undiscovered vulnerabilities in software that can be exploited. Additionally, cyber wrongdoers today are sophisticated, well-funded, and patient. They use a wide range of techniques to penetrate even well-protected enterprises.

Focusing on the Opponent

Recently, many organizations have taken a more powerful approach to their cybersecurity challenges by focusing on the opponent. If organizations understand their opponents' tendencies, techniques, tools and intentions, they can better bolster their threat-based defenses and improve their chances of preventing, detecting, and mitigating cyber intrusions.

Both approaches have merit. That's why MITRE advocates a balanced security posture that combines classic cyber defense approaches with a new emphasis on gathering and sharing intelligence information about threat actors. In this innovative model, defenders become both collectors of and producers of intelligence. Organizations can share this cyber threat information with each other to improve the security of everyone in the community.

"MITRE advocates a balanced security posture that combines classic cyber defense approaches with a new emphasis on gathering and sharing intelligence information about threat actors." — Senior Vice President and Chief Security Officer Gary Gagnon

Working Towards a Common Goal

To make that vision of collaborative cybersecurity a reality, organizations must be comfortable with taking from and contributing to information about cyber threats. This starts with the need to develop standards-based threat information repositories. Using standards will enable rapid communication about threats and automated responses to the threats. These secure data repositories will enable different organizations to share information within trusted groups and prevent adversaries from accessing the intelligence.

MITRE has developed partnerships with several communities that use these standards-based repositories, such as the Advanced Cyber Security Center in Massachusetts. Our ultimate goal is to enable the creation of additional communities and a federation of such groups to improve the security of the nation as a whole.

Featured Items



 
Homeland Security Center Center for Enterprise Modernization Command, Control, Communications and Intelligence Center Center for Advanced Aviation System Development
 
 
 

Solutions That Make a Difference.®
Copyright © 1997-2013, The MITRE Corporation. All rights reserved.
MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only.

IDG's Computerworld Names MITRE a "Best Place to Work in IT" for Eighth Straight Year The Boston Globe Ranks MITRE Number 6 Top Place to Work Fast Company Names MITRE One of the "World's 50 Most Innovative Companies"
 

Privacy Policy | Contact Us