Cyber Resiliency Approaches and Controls to Mitigate Adversary TTPs, Revision 2

By Deborah Bodeau, Richard Graubart, Linda K. Jones, Ellen Laderman, David K. Black

Learn cyber resiliency approaches and security controls that can be used to thwart cyber threats in this first-of-a-kind, comprehensive mapping of cyber resiliency controls to techniques in ATT&CK® for Enterprise and ATT&CK for Industrial Control Systems.


In this technical paper, experts from MITRE document the process and provide the results of a mapping of cyber resiliency constructs from NIST SP 800-160 Vol. 2 to techniques in ATT&CK for Enterprise and ATT&CK for Industrial Control Systems. The paper also maps those techniques to the cyber resiliency and non-cyber resiliency controls from NIST SP 800-53 Rev 5 that have the potential to mitigate them. This comprehensive mapping helps systems security engineers and risk managers identify the potential effects that the controls (when properly tailored, implemented, and used) could have on adversary tactics, techniques, and procedures. The potential effects support testing and evaluation of cyber resiliency capabilities in a variety of systems (e.g., weapons systems, space systems, command and control systems, industrial control systems, enterprise IT systems).

The comprehensive mapping was completed in support of the Air Force Research Laboratory and has been incorporated into their automated Cyber Survivability Attributes (CSA) Tool. The CSA Tool lets organizations rapidly identify, evaluate gaps in, and make trade-offs among system security controls, and cyber resiliency controls in particular.