Cyber defense is complex and easy to get wrong. Threat-informed defense is an approach to cybersecurity that involves gathering and utilizing information about potential threats and adversaries to enhance an organization's security posture. It focuses on understanding the tactics, techniques, and procedures (TTPs) employed by threat actors and using that knowledge to develop proactive defense strategies.
In this episode, we sat down with Jon Baker, Director of the Center for Threat-Informed Defense at MITRE, to discuss the importance of threat-informed defense, the work MITRE is doing around this area, and how organizations can leverage its resources to bolster their cyber strategy.
All this and more on The Cyber Jack Podcast.
Jon Baker is the founding Director of Research for MITRE Engenuity’s Center for Threat-Informed Defense. In addition to co-founding the Center, he is the Adversary Emulation and SOC Orchestration Department Head in The MITRE Corporation’s Cyber Operations and Effect Technology Center. His department leads the development of ATT&CK and works to advance adversary emulation as a capability to drive innovation in defensive cyber operations. Jon has spent much of the past sixteen years at MITRE, working with industry and government partners to increase the affordability, efficiency, and effectiveness of cybersecurity automation and information sharing technologies. He led the MITRE team that developed STIX and TAXII, which enable automated cyber threat intelligence sharing. Jon led MITRE’s security automation team through the development of SCAP and managed the CVE team. He was a cocreator of OVAL, a standard language for describing and checking for the presence of misconfigurations, vulnerabilities, and other endpoint artifacts.