The US military and other leading US government agencies take a proactive stance against cyberattacks with AttackIQ

SANTA CLARA, Calif.–(BUSINESS WIRE)–AttackIQ®, the leading independent breach and attack simulation (BAS) systems provider, today announced that key legislative, executive, intelligence, and defense agencies of the U.S. government, including the he U.S. military rely on a threat-aware defense strategy to take a proactive stance against cyberattacks. By focusing on known threats and continuously testing their defenses against the adversary behaviors outlined in the MITER ATT&CK® framework, operators have better data and insight into their program’s performance. To date, AttackIQ is now deployed in more than a dozen US government agencies and organizations, including three of the six US military service branches; legislative, intelligence community, defense agency clients; and many civilian agencies of the executive branch.

From the SolarWinds supply chain cyberattack on civilian government agencies to ongoing attacks on national security systems, the US government is a top target for nation states and cybercriminal groups. To improve the government’s cybersecurity posture, in 2021 the Biden administration issued a new executive order for the federal government, focused on implementing a zero-trust architecture. In addition to zero trust, US government agencies are investing in proactive measures and technologies such as breach and attack simulation to understand their performance against threats, identify gaps in their defenses, and make decisions based on evidence. data to improve their cybersecurity.

AttackIQ Security Optimization Platform – winner of the 2021 American Security Today ‘ASTORS’ Homeland Security Awards Gold Award for Best Breach and Attack Simulation Solutions, and GOVIES Gold Award Government Security 2021 for Best Cyber ​​Defense Solution – enables cybersecurity practitioners to continuously check the health of their security programs securely, at scale, and in an automated manner. Continuous validation of security controls gives security teams real-time, data-driven visibility into whether their controls are working as intended, at all times, not just at one point in time.

“From the SolarWinds incursion to the recent tensions along the Ukrainian border, we are in a perpetual state of conflict in cyberspace, and the U.S. government faces significant threats,” said Carl Wright, chief commercial officer of AttackIQ and former US Marines CISO. Body. “At AttackIQ, we are honored to partner with the U.S. government to give our nation’s critical organizations the technology and insights they need to stay ahead of the changing threat landscape.”

The use of breach and attack simulation provides a number of capabilities to the US government, including:

  • Security Control Validation: Agencies and the US military use the platform to continuously test and audit their security controls to ensure cybersecurity readiness.

  • Compliance Optimization: Contractors and U.S. government agencies can validate compliance effectiveness against the Department of Defense’s Cybersecurity Maturity Model (CMMC) certification and family of controls. National Institute of Standards and Technology (NIST) Safety 800-53.

  • Analyst training and certification: Agencies and the US military use the platform to test their teams against specific certification requirements such as NIST 800-53 and DoD Cybersecurity Maturity Model (CMMC) certification to improve individual and team performance.

These capabilities emerge from cutting-edge research and development produced by the Center for Threat-Informed Defense at MITER Engenuity, a private research and development organization whose mission is to improve the effectiveness of cybersecurity worldwide and to extend the use of the MITER ATT&CK framework. AttackIQ is a founding member of the Center and has contributed to seven of the 13 projects launched last year, including ATT&CK for Cloud, NIST 800-53 Controls to ATT&CK Mapping, and Mapping ATT&CK to CVE.

Lt. Gen. Lori E. Reynolds, USMC, Retired Joins Council of Informed Advocates

To better share cybersecurity learnings with U.S. government agencies, AttackIQ is proud to announce that Lt. Gen. Lori E. Reynolds, USMC, retired, has joined the AttackIQ Informed Advocates Council, comprised of advisors security experts. The Council brings together cybersecurity and technology leaders from across industries to share best practices and improve cybersecurity effectiveness. The depth and breadth of Lt. Gen. Reynolds’ experience will serve as a resource to government as agencies provide informed threat defense.

Retiring from a 35-year career in the United States Marine Corps, Lt. Gen. Reynolds’ final assignment was as deputy commander of information, a newly created post that recognized the growing importance of information, cyberspace and digital technologies, as well as emerging conflict. domains of space and cyberspace. During her time as deputy commander of information, she was responsible for all computing, intelligence, cyberspace, space and influenced the development of Marine Corps personnel and capabilities. . Lt. Gen. Reynolds joins James Trainor, federal government expert and board member, former deputy FBI director and current senior vice president at Aon Solutions, to bolster AttackIQ’s advisory expertise with the U.S. government within our Council of Informed Advocates.

“Threat actors are becoming increasingly sophisticated and aggressive in their attempts to harm and disrupt the organizations they target. It’s time for the cybersecurity community as a whole to look at the challenges holistically and share corresponding best practices so we can make sure we’re doing our best to create a safer world,” said Lori. Reynolds. “I welcome the opportunity to join this community of experts designed to find new ways to defend organizations and do more to help keep our nation safe.”

About AttackIQ

AttackIQ, the leading independent provider of breach and attack simulation solutions, has created the industry’s first security optimization platform for the continuous validation of security controls and the improvement of efficiency and efficiency of security programs. AttackIQ is trusted by leading organizations around the world to plan security enhancements and verify that cyber defenses are performing as intended, in accordance with the MITER ATT&CK framework. The company is committed to giving back to the cybersecurity community through its free, award-winning AttackIQ Academy, open preactive security exchange, and partnership with MITER Engenuity’s Threat-Informed Defense Center. For more information, visit www.attackiq.com. Follow AttackIQ on TwitterFacebook, LinkedIn and YouTube.

Ashley C. Reynolds