Learn about the critical issue of fragmented threat actor naming conventions across threat research programs in this 21-minute conference talk from CarolinaCon. Explore how the lack of standardization leads to confusion, with examples like a single North Korean threat actor being tracked under 16 different names by various research programs. Discover why multiple taxonomies exist in cybersecurity threat research and examine potential solutions using MITRE ATT&CK's framework as a blueprint for developing an open-source standardized naming system. Gain insights into how improved collaboration and standardization in threat actor identification could enhance cybersecurity defense capabilities.
Repercussions from the Absence of Threat Actor Taxonomy - Understanding Naming Fragmentation in Cybersecurity
CarolinaCon via YouTube
Overview
Syllabus
Repercussions from the Absence of Threat Actor Taxonomy by Jeffrey Bell
Taught by
CarolinaCon
Related Courses
-
Application of the MITRE ATT&CK Framework
-
Analysis of North Korean Nation-State Attacks Using MagicRAT Malware
-
Developing a Converged IT/OT Threat Model Using MITRE ATT&CK
-
Real-World Implications of the MITRE ATT&CK Framework for IT and OT Environments
-
Improving Cybersecurity Posture with an AI Security Assistant
-
Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations
