Melody Hildebrandt, Global CISO at 21st Century Fox, shares her experience working with Praetorian to "level up" the multinational mass media corporation's cybersecurity defenses and test its investments from a technology perspective against actual simulated attacker behavior.
A rapid shift towards detection and response
Enterprise security leaders have been conditioned to accept the inevitability of breaches despite making significant investments in prevention-based solutions. When considering not only the scale and evolving sophistication of security threats that enterprises face, but also the continued migration of enterprise network infrastructures to the cloud, many believe that enterprise security spending will continue to see a sizable shift toward endpoint detection, monitoring, and response. Gartner predicts that 60 percent of enterprise security budgets will be allocated towards detection and response by 2020, up from less than 30 percent in 2016.
As enterprise security budgets shift to detection and response, ensure you are getting the most out of technology investments as your security program matures over time.
Make Purple Team part of your corporate security journey
In collaboration with its Fortune 100 customers, Praetorian has designed a multi-stage corporate security program tailored to address the unique needs of today’s modern enterprise. One of the program’s key pillars consists of iterative Purple Team exercises that benchmark detective and response capabilities against the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) Framework. As enterprise security programs mature, organizations should move away from unannounced penetration tests and embrace collaborative internal activities that leverage these Purple Team table top exercises where defenders can observe simulated attack behavior in real-time.
Benchmarking to the MITRE ATT&CK™ Framework
As active contributors to MITRE ATT&CK™, Praetorian utilizes the framework to provide a quantitative, risk-informed measure of how effective certain tools and technologies are in an organization’s defense arsenal. Additionally, by knowing where blind spots exist, defenders can focus on improving specific shortcomings and easily track improvements over time. The goal of approaching a Purple Team engagement in this fashion is to provide organizations with insight into potential gaps in detection and response capabilities, resulting from missing technology, poorly configured technology, or training and/or policy issues.