In this compelling presentation at the Secure Asia Pacific, I will delve into the cutting-edge practice of control validation through adversary emulation, specifically within the context of Depository Trust & Clearing Corporation (DTCC). Focusing on the crucial task of ensuring the effectiveness of our cyber security monitoring controls, I will highlight DTCC's innovative approach of emulating threat actors or adversary campaigns using the well-established MITRE ATT&CK framework. Through insightful analysis and real-world examples, I will demonstrate how DTCC successfully mimics adversarial behavior, allowing us to assess the robustness of our defensive measures. Attendees will gain valuable insights into the benefits and challenges of this proactive validation approach, as well as the practical steps taken by DTCC to implement it within the organization. From identifying control gaps to evaluating response capabilities, this presentation offers a comprehensive exploration of control validation through adversary emulation, offering attendees practical strategies to enhance their own cyber security practices.
Learn about the practice of adversary emulation using MITRE ATT&CK framework.
Gain valuable insights into DTCC's control validation practices, providing attendees with actionable guidance to establish or enhance their own control validation programs.
Acquire firsthand experience with the tools, resources, and processes employed in adversary emulation, allowing attendees to develop practical skills and knowledge in this crucial area of cyber security.
Associate Director of Technology Risk Management,
Depository Trust & Clearing Corporation
You must be logged in and own this session in order to