Security Teams Prep Too Slowly for Cyberattacks – Dark Reading

Very much like prevention of disease is far more effective than treating the ill, prioritising training to identify the early stages of an attack makes most sense…

[…] The study showed which attack techniques companies had prioritized for training. The most popular learning and testing modules involved the execution stage of attacks, as defined by the MITRE ATT&CK framework, a topic that was five times more popular than similar labs on data collection and infiltration, according to Immersive Labs data.

The focus on earlier stages in the ATT&CK framework makes sense, says Breen.

[…]

Original article