"Enhancing Defenders' Predictive Power in Cyberspace"
Researchers at the RAND Corporation have developed a new model that improves upon existing frameworks to help organizations proactively protect themselves against cyber threats. The process-based Scalable Warning and Resilience Model (SWARM) focuses on cyber threats stemming from state-sponsored actors, but does not assume access to classified assets or information. The model prioritizes threat detection and helps improve the prediction of cyber incidents. It combines processes that help organizations anticipate and defend against malicious actors in order to enhance network resilience. SWARM tailors data collection, cyber threat intelligence, and penetration testing to the specific intrusion sets most likely to target an organization's network. The model adapts the concept of applying both resilience and Indications and Warning (I&W) frameworks to information environments, and it incorporates a combination of tailored threat modeling and emulation. SWARM adapts across organizations, provides advance warning of cyber incidents through early technical and nontechnical indicators, improves network resilience against targeted cyber incidents, and more. The RAND Corporation's new report includes a case study demonstrating how the model could help defenders proactively protect their systems through early warning of cyber incidents before they happen. This article continues to discuss how SWARM can help organizations proactively defend against cyber threats, as well as the need for organizations to take a tailored and targeted approach to cybersecurity.
Homeland Security News Wire reports "Enhancing Defenders' Predictive Power in Cyberspace"