MITRE ATT&CK: The Theory & Practical Applications of a Global Cybersecurity Framework
Date and Time
Event Description: In this session, learn the basics of MITRE ATT&CK, a globally accessible cybersecurity framework that provides a knowledge base of adversary tactics, techniques, and procedures based on real-world observations.
Key Concepts
ATT&CK is a model that systematically categorizes adversary behavior. The main components of the model are:
- Tactics represent “why” or the reason an adversary is performing an action
- Techniques represent “how” adversaries achieve tactical goals by performing an action
- Sub-techniques are a more specific or lower-level description of adversarial behavior
- Procedures are the specific implementations, or in-the-wild uses, of techniques or sub-techniques by an adversary
Practical Application: Adversary use of AI
From a sampling of recent cyber threat intelligence reporting, we will:
- Explore how threat actors have been observed using Artificial Intelligence or Large Language Models in their operations
- Understand where the observed behavior falls within the ATT&CK framework
- Discuss whether there are emerging behaviors that aren't currently captured in ATT&CK
Speaker Bio: Lauren Lusty is the MITRE ATT&CK Enterprise Lead and helps organizations operationalize ATT&CK. Lauren has been at MITRE for 12 years doing a little bit of everything, and before that got her M.S. in Computer Science and her B.S. in Systems Engineering. While off the clock, Lauren enjoys spending time with her two daughters, playing tennis, crafting, and volunteering.