The year 2020 will be remembered as the year of the pandemic and the year of explosive cyberattacks as adversaries took advantage of socio-economic strains of coronavirus to attack society more vigorously. Attacks went up to 4,000 a day–a 400% increase from the pre-coronavirus period. Industries such as healthcare, government and financial services, faced the brunt of assaults, resulting in breaches, ransomware and outages that experts estimate cost $20 billion in damages. According to the U.S. Department of Health and Human Service, breaches in the health sector alone increased by over 150 percent.

As our lives were transformed digitally overnight, we had to rethink how we collaborated, innovated, and united against threat actors and nation- states. With the industry reeling from attacks and a shortage of skilled talent, we launched AttackIQ Academy as a free cybersecurity education resource just as communication, business and personal interactions moved online.

Our goals were simple: to give back to the cybersecurity community and help practitioners stay ahead of threats by moving from a fortress mentality of “network defense” to a “threat-informed defense” approach. It was important to us to offer courses as a public good at no cost, and make them eligible for ISC(2) CPE credits. We hoped the community would see value in our curriculum, which was industry-specific rather than product specific knowledge. We set a goal of educating 5,000 student practitioners by year end. Fast forward 8 months, and I’m both honored and humbled to share that we finished the year with over 10,000 students registered across more than 160 countries.

This week we recognized and congratulated our 10,000th student, Michael Amorim, a new college grad and Information Technology Security Analyst at Johnson & Johnson, who was looking for education to bolster his newly-needed security skills. “I went searching for certifications to get better at my new job and I stumbled across the MITRE ATT&CK learning path in AttackIQ Academy. It had good blue team information, red team information, and right in the middle purple team, which was a term I’d never heard before. It is quality content that is completely free. You definitely come away with something worthwhile and worth your time.”

As Michael learned in his Academy path, purple teams focus on the overarching threat landscape, they understand their security technologies, and they understand their organization and its operational attributes. Purple team doctrine ensures that organizations optimize their cybersecurity readiness continuously. The addition of purple teaming as an operational construct to ATT&CK and breach and attack simulation is moving the industry towards a threat-informed defense approach.

Purple teaming is one of three learning paths today, in addition to MITRE ATT&CK and Breach & Attack Simulation. Within these, our most popular classes are Foundations of Operationalizing MITRE ATT&CK, Foundations of Purple Teaming, and Intro to FIN6 Emulation Plans. Together all of the AttackIQ Academy courses have an average net promoter score of 75.

Our expert instructors take pride in delivering quality, relevant, and actionable education. We delight in seeing consistently high satisfaction scores and hearing positive feedback from Academy students like Les Correia, Director, Enterprise Cybersecurity & Risk, Arch., Eng., Ops. at Estée Lauder Companies Inc., who shared: “I was recently invited and attended a few of the AttackIQ Academy short courses — Operationalizing MITRE ATT&CK, Breach and Attack Simulation, and Purple teaming. The delivery, content, duration, and labs were relevant and well organized. AttackIQ is also a founding research partner of the Center for Threat Informed Defense (CTID). I am encouraged that this initiative brings together security minds and then gives back to the community by collaborating to improve our ability to prevent, detect, and respond to cyber-attacks.”

As we progress into 2021, we are still facing the challenges of the past year-COVID-19, remote workforces, and continued attacks on vulnerable sectors. By embracing skills development and disruptive new technologies, we can change the attacker landscape and better protect our companies, customers, and countries. Skill growth is a mission-critical priority in all fields, but especially in cybersecurity, where adversarial tactics are constantly evolving. Automation, machine learning, and continuous control validation will all help security teams proactively address threats.

If you haven’t registered for Academy yet, please do, and be sure to let us know what you think. For those that have already taken courses in 2020, thank you for being part of the Informed Defender community and check out the new AIQ Academy website.  Enjoy!


Some fun statistics from AttackIQ Academy in 2020