In this recorded session from Duo's Virtual Summit 2020, Cisco’s Head of Cybersecurity Systems Engineering Ross Ferguson and Head of Research for CX EMEAR Security Architecture Tim Wadhwa-Brown sit down for a chat regarding ATT&CK and what it means to businesses. Throughout their conversation, they discuss some of the history of the ATT&CK framework, the benefits of ATT&CK, the concept of “thinking in graphs,” best practices for using ATT&CK and how to tackle any gaps, how an ATT&CK Path Map functions and how best to utilize it, and the importance of multi-factor authentication and secure DNS.
Ross Ferguson, Head of Cybersecurity Systems Engineering, Cisco
Ross Ferguson 3*CCIE, GCFA, GCIH Ross has over 25 years expertise in network security strategies, architecture design and implementation. He has held a senior position within Cisco Security Services for the last 10 years with specialisms in cybersecurity architecture, security operations, digital forensics and incident response. Ross currently leads their Incident Response service for the EMEAR and APJC Regions.
Tim Wadhwa-Brown, Head of Research, Security Architecture, Cisco
Tim Brown joined Cisco as part of their acquisition of Portcullis for whom he worked for almost 12 years. He is equally happy performing white box assessments with access to source code or where necessary diving into proprietary binaries and protocols using reverse engineering methodologies. Tim has contributed to a number of Cisco’s bespoke methodologies covering subjects as diverse as risk and compliance, secure development, host hardening, ERP and SCADA.