Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Biz Soap Box: Mapping NIST 800-53 to MITRE ATT&CK
These Soap Box editions of the show are wholly sponsored. If that’s not your thing and you’re looking for the weekly news edition of the show, just scroll one show back in your feed.
This soap box edition is brought to you by AttackIQ. They make a Breach and Attack Simulation platform that’s designed to test the effectiveness of your security controls by simulating bad things in your environment.
Carl Wright and Jonathan Reiber are joining us in this edition of the show. These days he’s AttackIQ’s senior director of cybersecurity and strategy but he previously served as a former Chief Strategy Officer for Cyber Policy in the Office of the Secretary of Defense.
They joined the show to talk through their work in mapping NIST 800-53 to the MITRE ATT&CK framework. Enjoy!
Show notes Center for Threat-Informed Defense releases security control mappings to ATT&CK - MITRE Engenuity Here comes the bride: New map matches threat intel to cyberdefenses - CyberScoop MITRE Engenuity to strengthen critical infrastructure - AttackIQ