As threat actors continuously evolve, MITRE's Mike Cunningham, research and development program manager at the Center for Threat-Informed Defense, says cyber defenders need to home in on the threats that matter most for their particular networks.
"If I'm reading threat reports or headlines, I might say we need to invest in this infrastructure, this new product, but these adversaries might never target us," said Cunningham on the SquareX Be Fearless podcast. "Let's focus our defenses, money, and resources on the threats that are most likely to attack us."
Cunningham likens his work in cybersecurity defense to solving a puzzle, figuring out which strategies lead to success and adjusting when they don't.
"Moving to the defensive space has become more like solving a puzzle, where if I do 'x, y, and z,' then I know we'll get success here," Cunningham said. "But if I don't, then I have to find the other piece of the puzzle that is going to complete it. So that way we get a full picture of the adversary and our defenses."
He also finds it rewarding to hear how organizations use MITRE ATT&CK® to improve their security, save money, and open up new professional opportunities. He emphasized how ATT&CK is regularly updated with real-world insights from the greater cyber community, helping to shape defenses and prioritize actions based on the most relevant threats.
Cunningham highlighted the growing challenge smaller organizations face as well-resourced adversaries ramp up their capabilities, making informed prioritization more essential than ever.
"It becomes increasingly difficult for a small organization, whose cyber budget is a million dollars a year, to defend against an organization whose budget is a billion dollars," said Cunningham. "It's even more important to make sure you're prioritizing the right things and you're staying informed of what threats would target you."