Educause Security Discussion mailing list archives
Re: Under ATT&CK?
From: John Ramsey <000001cd0b5a1098-dmarc-request () LISTSERV EDUCAUSE EDU>
Date: Thu, 25 Feb 2021 17:52:50 +0000
We're on our fourth year assessing our security posture against the ATT&CK framework. We typically assess in January/February, incorporate weaknesses into our cyber roadmap and then pen test against them at the end of the year. John John Ramsey, Chief Information Security Officer National Student Clearinghouse Certified: CISSP, CISM, PMP, CSSLP, CRISC, CGEIT 2300 Dulles Station Blvd., Suite 220 Herndon, VA 20171 703.742.4428 | studentclearinghouse.org<http://www.studentclearinghouse.org> LinkedIn<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fnational-student-clearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590166954&sdata=MdT45I1n7Hwbp8Zlkxlm0wEd0LdLnq5Cpr91ybCEjHw%3D&reserved=0> | Twitter<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fnsclearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590171933&sdata=idMHM8D4VdMRpIa2H1YUTmwMgC4ZU0L2jqL3VjVNs4s%3D&reserved=0> | Facebook<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.facebook.com%2FNSClearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590176915&sdata=ILW%2BPdv1fgHooOkbQlkP9ei%2BJOsk7YlCMzYNU572flU%3D&reserved=0> | Blog<https://www.studentclearinghouse.org/nscblog/> | Instagram<https://www.instagram.com/NSClearinghouse/> Serving Education Since 1993 This message is proprietary to the National Student Clearinghouse, is intended only for the addressee and may contain confidential or privileged information. If you receive this message in error, please contact the sender and delete all copies. From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Brian Kelly Sent: Thursday, February 25, 2021 9:03 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Under ATT&CK? EXTERNAL MESSAGE Good morning, I'm interested in gauging the adoption of or interest in getting started with Mitre ATT&CK - https://attack.mitre.org/<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fattack.mitre.org%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133561873%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=5IBR8CgmqrQfP%2B7RUSwUCil7OxRaOsljA58AUra5nrI%3D&reserved=0> in our community. Please let me know if * You are currently using ATT&CK * Would be interested in a getting started with ATT&CK session at the Cybersecurity and Privacy Professionals Conference in June. Have a great day, Brian Brian Kelly, CISSP, CISM, CEH Director, Cybersecurity Program<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Ffocus-areas-and-initiatives%2Fpolicy-and-security%2Fcybersecurity-program&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133571824%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Khy0Hz5y8M4bxLJZzDAWyumwufliwmNT25Qv2NjSh%2FA%3D&reserved=0> bkelly () educause edu<mailto:bkelly () educause edu> EDUCAUSE Uncommon Thinking for the Common Good Follow HEISC on LinkedIn<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133571824%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=YVCwl8laAE3AMPUEqH%2BdSXyfJv2TRla74EXTgo3S%2Bx4%3D&reserved=0> | Twitter: @HEISCouncil direct: 475.449.6440 | educause.edu<https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133581789%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=GqHUYR%2Fg4UHOFHNkIchFZxytmXYbG5AFa9FSra5h4uQ%3D&reserved=0> 1150 18th Street, NW, Suite 900 Washington, DC 20036 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133581789%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=%2BEU59sQUAlNSEMbFRRLgegQeV662ugiLHLjoSZdrr0w%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Under ATT&CK? Brian Kelly (Feb 25)
- Re: Under ATT&CK? Ghassan Salem (Feb 25)
- Re: Under ATT&CK? Fugett, Julie C (Feb 25)
- Re: Under ATT&CK? Nadim El-Khoury (Feb 25)
- Re: Under ATT&CK? Fugett, Julie C (Feb 25)
- Re: Under ATT&CK? John Ramsey (Feb 25)
- Re: Under ATT&CK? Uday Kiran (Feb 27)
- Re: Under ATT&CK? Koppel, Lorna (Mar 01)
- Re: Under ATT&CK? Wessam Maher (Mar 04)
- Re: Under ATT&CK? Mr. Ikram Muhammad (Mar 05)
- Re: Under ATT&CK? Andre DiMino (Mar 04)
- <Possible follow-ups>
- Re: Under ATT&CK? Perez, Roberto (Mar 05)
- Re: Under ATT&CK? Chad Tracy (Mar 08)
- Re: Under ATT&CK? Johannes Boehme (Mar 08)
- Re: Under ATT&CK? Chad Tracy (Mar 08)
- Re: Under ATT&CK? Ghassan Salem (Feb 25)