Re: Under ATT&CK?

[John Ramsey <000001cd0b5a1098-dmarc-request () LISTSERV EDUCAUSE EDU>]

We're on our fourth year assessing our security posture against the ATT&CK framework.  We typically assess in 
January/February, incorporate weaknesses into our cyber roadmap and then pen test against them at the end of the year.

John

John Ramsey, Chief Information Security Officer
National Student Clearinghouse
Certified: CISSP, CISM, PMP, CSSLP, CRISC, CGEIT
2300 Dulles Station Blvd., Suite 220
Herndon, VA 20171
703.742.4428 | studentclearinghouse.org<http://www.studentclearinghouse.org>
LinkedIn<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fnational-student-clearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590166954&sdata=MdT45I1n7Hwbp8Zlkxlm0wEd0LdLnq5Cpr91ybCEjHw%3D&reserved=0>
 | 
Twitter<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fnsclearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590171933&sdata=idMHM8D4VdMRpIa2H1YUTmwMgC4ZU0L2jqL3VjVNs4s%3D&reserved=0>
 | 
Facebook<https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.facebook.com%2FNSClearinghouse&data=02%7C01%7Cdugan%40studentclearinghouse.org%7Cc37208aebac64fd76e8508d84f636448%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637346635590176915&sdata=ILW%2BPdv1fgHooOkbQlkP9ei%2BJOsk7YlCMzYNU572flU%3D&reserved=0>
 | Blog<https://www.studentclearinghouse.org/nscblog/> | Instagram<https://www.instagram.com/NSClearinghouse/>

Serving Education Since 1993

This message is proprietary to the National Student Clearinghouse, is intended only for the addressee and may contain 
confidential or privileged information. If you receive this message in error, please contact the sender and delete all 
copies.

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Brian Kelly
Sent: Thursday, February 25, 2021 9:03 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Under ATT&CK?


EXTERNAL MESSAGE
Good morning,
I'm interested in gauging the adoption of or interest in getting started with Mitre ATT&CK - 
https://attack.mitre.org/<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fattack.mitre.org%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133561873%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=5IBR8CgmqrQfP%2B7RUSwUCil7OxRaOsljA58AUra5nrI%3D&reserved=0>
 in our community.
Please let me know if

  *   You are currently using ATT&CK
  *   Would be interested in a getting started with ATT&CK session at the Cybersecurity and Privacy Professionals 
Conference in June.

Have a great day,

Brian
Brian Kelly, CISSP, CISM, CEH
Director, Cybersecurity 
Program<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Ffocus-areas-and-initiatives%2Fpolicy-and-security%2Fcybersecurity-program&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133571824%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Khy0Hz5y8M4bxLJZzDAWyumwufliwmNT25Qv2NjSh%2FA%3D&reserved=0>
bkelly () educause edu<mailto:bkelly () educause edu>

EDUCAUSE
Uncommon Thinking for the Common Good
Follow HEISC on 
LinkedIn<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133571824%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=YVCwl8laAE3AMPUEqH%2BdSXyfJv2TRla74EXTgo3S%2Bx4%3D&reserved=0>
 | Twitter: @HEISCouncil

direct: 475.449.6440 | 
educause.edu<https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133581789%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=GqHUYR%2Fg4UHOFHNkIchFZxytmXYbG5AFa9FSra5h4uQ%3D&reserved=0>
1150 18th Street, NW, Suite 900 Washington, DC 20036



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C7fef5b3a72974313537508d8d99621d4%7C8cc02fea054043a688b6069d3eac0119%7C0%7C0%7C637498586133581789%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=%2BEU59sQUAlNSEMbFRRLgegQeV662ugiLHLjoSZdrr0w%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community