This week, I joined AttackIQ as VP of Threat-Informed Defense, where I will lead efforts to accelerate the adoption of threat-informed defense, guiding customers with both services and technology to improve security outcomes. For 23 years at MITRE, I worked in partnership with innovative security teams across industry and government to make cyber defense more efficient and effective for all. As the Director and Co-Founder of MITRE’s Center for Threat-Informed Defense (CTID), I created a collaborative R&D program that defined and systematically advanced the practice of threat-informed defense. Despite the value and impact of the CTID’s R&D program, we were structurally limited in our ability to directly improve security outcomes. At AttackIQ, I have a unique opportunity to directly translate innovation in threat-informed defense into measurable improvements in security outcomes.
I joined AttackIQ for its mission and the opportunity to drive impact.
Mission.
AttackIQ’s mission is to make the world safe for compute. In the spirit of “The Infinite Game”, their mission demonstrates a long-term commitment for growth and advancement. Put simply, it is not about winning today. It is a continual focus on improving security outcomes in the face of a dynamic environment. Taking the long view allows for innovation and flexibility to focus on what will have the greatest impact over time. AttackIQ demonstrates its commitment to mission through investment in community and its ability to adapt for impact.
As a founding Research Partner in the CTID, AttackIQ took an active role in building a first of its kind privately funded research and development center. They supported the CTID for 6 years, committing significant resources and thought leadership to build the program and advance the state of the art and the practice in threat-informed defense. With AttackIQ’s active leadership, the CTID has built a global community of threat-informed defense practitioners.
Beginning as a pioneer in the Breach and Attack Simulation (BAS) category, AttackIQ has evolved into an intelligence-driven decision support platform that helps organizations understand attackers and optimize security investments. With the recent launch of Watchtower, AttackIQ has taken a critical step to automate the operationalization of cyber threat intelligence (CTI) for tailored security validation. Its history of innovation and adaptability, position AttackIQ for the future.
Impact.
AttackIQ has a long history of turning new research in threat-informed defense into impact, whether that be in the form of freely available training or new product capability.
The AttackIQ Academy has become a valuable learning resource to help practitioners understand and apply threat-informed defense. Most CTID R&D projects now have freely available academy courses, helping all security teams understand and apply CTID R&D at scale.
CTID research like the FIN6 adversary emulation plan, the Top ATT&CK Technique Calculator, and Security Control Mappings have all been integrated into AttackIQ products and services. These integrations turn research into capability that has an impact across the community.
Opportunity.
Training and product capability is just the beginning. Implementing threat-informed defense is a continuous process driven by evolving threats and organizational change. Organizations must take a strategic approach to understanding and improving their defenses in response to their most relevant cyber threats. Organizations need hands-on guidance and tailored recommendations to determine where to focus next and how to most effectively improve their security programs.
Joining AttackIQ, gives me the opportunity to move beyond creating open frameworks, models, and tools towards directly addressing organization needs. Together, we will establish new services to guide security teams in systematically assessing and maturing security posture through the lens of threat-informed defense.
New services must be based on a commitment to adapt and innovate. Working closely with AttackIQ customers and partners will position us to continually learn and adapt as the environment changes. We have a unique opportunity through trusted partnerships to truly accelerate innovation in threat-informed defense and translate that innovation into real-world solutions that scale.
Help advance threat-informed defense through the AttackIQ Academy and upcoming initiatives.
