Let’s Play a Game: Using the MITRE ATT&CK Framework to Improve Communication Between CISOs and CIOs
Tracks
Cyber Strategy (SU 108)
| Friday, October 14, 2022 |
| 3:00 PM - 4:00 PM |
| Student Union 108 |
Speaker
Dr. Joel Fulton
CEO
Lucidum
Let’s Play a Game: Using the MITRE ATT&CK Framework to Improve Communication Between CISOs and CIOs
Abstract
Most CISOs will ask for investments and increases in budget to respond to either current events or long-standing security concerns, but they don’t have sufficient data points to support the ask. This presents a challenge for CIOs and the strategic leaders, as they want to avoid security threats but have limited resources to delegate. By using the MITRE ATT&CK framework as a guide for these conversations, CISOs will be able to effectively explain the severity of threats and the actions to mitigate them while allowing CIOs to be active participants.
By viewing the MITRE ATT&CK framework as a board game, security teams can thoroughly understand where their vulnerabilities lie and take the appropriate action to prevent attacks.
By viewing the MITRE ATT&CK framework as a board game, security teams can thoroughly understand where their vulnerabilities lie and take the appropriate action to prevent attacks.
Biography
Joel Fulton is the co-founder of Lucidum, the attack surface management and IT asset discover platform. He is also the co-founder of Silicon Valley CISO Investments, a leading group of Chief Information Security Officers that operate as an angel investor syndicate.
Previously the Chief Information Security Officer for Splunk, Dr. Fulton has also led security and risk teams at Symantec, Google, Starbucks, Boeing, several financial institutions and led a security and regulatory compliance consulting firm for ten years.
In 2017, Security Magazine named Dr. Fulton one of the Most Influential People in Security. He is a frequent speaker at external conferences and customer events on Insider Threat, AI/Machine Learning & Cyber Security, pragmatic risk management, and global security management. He holds a bachelor’s degree in business administration from Excelsior College, a Master of Science in information security from Capella University, and a doctoral degree in information assurance and security from Capella University.
