
Fight Back with the X-Force IRIS Cyberattack Preparation and Execution Frameworks

July 10, 2018

Listen to this podcast now on iTunes, Soundcloud or wherever you find your favorite content.

On today’s SecurityIntelligence podcast, cyberattack preparation takes center stage as global security intelligence analyst Alexandrea Berninger zooms in on IBM X-Force Incident Response and Intelligence Services’ (IRIS) new cyberattack preparation and execution frameworks.

Berninger and her X-Force IRIS teammates play a critical role in discovering how attacks take shape and empowering organizations to better understand cybercriminal behavior and then respond quickly and effectively. As Berninger explains, the newly released frameworks encompass everything from target selection to initial compromise and ongoing attack efforts. They also accommodate multiple attack types, such as advanced persistent threats (APTs), zero-day attacks, Trojans and commodity malware.

The Role of Cyberattack Preparation and Execution Frameworks

Listen in as Berninger explains how and why the cyberattack preparation and execution frameworks developed by X-Force IRIS emphasize attack preparation, which other leading models often overlook. By discovering the steps threat actors take before compromising networks, companies can harden their attack surface proactively. In addition, the frameworks offer insight into how attackers evade defenders and account for the “feedback cycle,” in which threat vectors may change as responders uncover key aspects of the incident.

IRIS experts recognize that the typical stages of an attack don’t always happen sequentially, and sometimes may not happen at all. Ransomware like WannaCry, for example, moves rapidly across lateral network services but conducts almost no internal recon. Threat intelligence tools must be able to account for this diversification.

Why Perimeter Defense Is Not Enough

As Berninger concludes, many organizations still invest heavily in perimeter defense as their primary protection against network compromise. The hard truth is that no network is completely safe. The business value of IT security is now derived from actionable threat intelligence that helps stop attackers in their tracks.


Want to learn more? Read the new X-Force IRIS white paper, check out the new SecurityIntelligence article and, of course, tune in on iTunes, Soundcloud or your streaming service of choice to hear the complete podcast.

Security Intelligence Staff