Understanding MITRE ATT&CK with the help of ATTACKIQ
Five years ago, I realized I had to learn about the growing importance of cyber in global warfare. Moving out of working in the war on terror, I knew that, in order to stay relevant and hopefully make more money, I needed to understand new conflict environments.
In 2019, I took a bootcamp on cyber security. We learned basic skills in system administration, networking, GRC, and cyber intelligence. I stayed on with the academy and ended up teaching the cyber intelligence course.
While putting together the material for my class, I discovered the concept of MITRE ATT&CK. MITRE ATT&CK clicked better than anything had in all my cyber learning.
Years ago, as a young intelligence analyst, I studied Russian military tactics to include phases and order of battle. During the Cold War, the Russians often fought the same way in every battle — whether in Afghanistan, Czechoslovakia, Hungary, Germany, or anywhere else. They had the same structure, equipment, organization, and battlefield philosophy. They even exported their battle templates to militaries they worked with, such as Iraq.
(Note: that’s one of the big reasons the US Military was able to stomp the Iraqi Military in 1991. The Iraqis fought with a Russian order of battle. The US Military knew it, studied it, and knew what was going to…