Enhancing cybersecurity defenses: a multicriteria decision-making approach to MITRE ATT&CK mitigation strategy
Ihab Mohamed, Hesham A. Hefny, and Nagy R. Darwish

TL;DR
This paper proposes a novel cybersecurity defense strategy that combines the MITRE ATT&CK framework with multi-criteria decision-making techniques to prioritize security controls effectively.
Contribution
It introduces an integrated approach using MCDM methods to enhance the prioritization of cybersecurity mitigation strategies based on the ATT&CK framework.
Findings
Improved prioritization of security controls
Enhanced decision-making for cybersecurity defenses
Better adaptation to evolving cyber threats
Abstract
Cybersecurity is a big challenge, as hackers are always trying to find new methods to attack and exploit system vulnerabilities. Cybersecurity threats and risks have increased in recent years due to the increasing number of connected devices and networks. This has led to the development of new cyberattack patterns, such as ransomware, data breaches, and advanced persistent threats (APT). Consequently, defending against such complicated attacks requires staying up to date with the latest system vulnerabilities and weaknesses in order to set a proper cybersecurity defense strategy. This paper aims to propose a defense strategy for the presented security threats by determining and prioritizing which security controls to put in place, based on combining the MITRE ATT&CK framework with multi-criteria decision-making (MCDM) techniques. This approach helps organizations achieve a more robust and resilient…
Taxonomy
Topics: Information and Cyber Security
