BAE Systems has joined the Center for Threat-Informed Defense (Center), operated by MITRE Engenuity, as a research sponsor to help the organization with its work to develop resources that protect against cyber-attacks.
The Center was launched in 2019 in response to feedback from the cybersecurity community for a non-commercial, non-profit focal point that would sustain and accelerate the evolution of publicly available resources critical to cyber defenders. Since its inception, the Center and its members have produced and released a broad array of freely available resources and tools designed to help cyber defenders get ahead and stay ahead of adversaries.
BAE Systems’ research collaboration will build on the MITRE ATT&CK framework as the foundation for a threat-informed defense approach and look to identify trends in attacker behaviour that can inform the threat intelligence community.
Over the past six years, BAE Systems has produced over 500 detailed research reports based on cases from its incident response team and threat intel investigations. Tactics and techniques have been extracted from these using the MITRE ATT&CK framework, with tactics such as Command and Control and Defense Evasion being most common.
Dr. Adrian Nish, head of cyber at BAE Systems Applied Intelligence said: “Cyber threats continue to plague organizations, companies, municipalities, and governments around the world. Attackers are using new technologies and defending networks requires greater resources and attention to detail. Continual research and collaboration by the best and brightest in the field to secure the cyber world is critical and we look forward to working with the Center in this great fight.”
Richard Struse, Center director, said: “The Center for Threat-Informed Defense brings together the best security teams from around the world to identify and solve the most-pressing problems facing cyber defenders. We’re excited that BAE Systems employees from both its Applied Intelligence and Intelligence & Security teams have joined our efforts to change the game on adversaries by helping improve our collective ability to prevent, detect, and respond to cyberattacks.”