The accreditors of this session require that you periodically check in to verify that you are still attentive.
Please click the button below to indicate that you are.
VERIS, or the Vocabulary for Event Recording and Incident Sharing, is a set of metrics designed to provide a common language for describing cybersecurity incidents (and data breaches) in a structured and repeatable manner. VERIS provides cyber defenders and intelligence practitioners with the ability to collect and share useful incident-related information - anonymously and responsibly - with others. The VERIS Framework underpins the annual Data Breach Investigations Report (DBIR).
VERIS employs the A4 Threat Model to describe key aspects of incidents and breaches that affect victim organizations. Simply put, the A4 Threat Model seeks to answer: who (actor) did what (action) to what (asset) in what way (attribute) for threat modeling, intelligence analysis, breach mitigation and detection / response improvement.
Learning Objectives:
Understand data breaches and cybersecurity incidents through the VERIS lens.
Identify the four components of the VERIS A4 Threat Model: actors, actions, assets, attributes.
Apply use cases for the VERIS A4 Threat Model.
Speaker(s):
John
Grim,
Head | RDI, Verizon Threat Research Advisory Center,
Verizon