
What is The ATT&CK Framework?

Today we’re going to talk about what the ATT&CK framework is and why you need to understand it so that you can protect your business. Without an understanding of this, your company will remain at risk.

So what is the ATT&CK framework? Well, first of all, you’ll note that it’s spelled a little differently. It’s A-T-T ampersand C-K. It stands for Adversarial Tactics, Techniques, and Common Knowledge. So basically this is a framework that outlines the tactics and techniques of the bad guys, the cybercriminals, and it also gives common knowledge as to what they are.

There’s a group out there called MITRE, M-I-T-R-E, that has kind of brought this to the forefront. It’s a great company to look into if you want to find out what MITRE ATT&CK looks like. They have listed out all of the ways that bad guys are infiltrating our data systems and networks for nefarious reasons, from email to brute-force attacks to man-in-the-middle attacks. All different types of attacks.

And why it’s important to you as a business owner is because ultimately it is not the one-and-done kind of attack that we’ve seen in the past. Cybercriminals are getting into our systems and living there on average for about seven months. They call it living off the land. So they’re living in your house and hiding out, obfuscating themselves so that they can gather more data about your family members and about your assets to determine really what it is about you that they can monetize. And again, it is not one-and-done. They’re not just getting in and encrypting all your files first. They’re getting in, they’re discovering what you do and what type of files you have, they’re gathering them, they’re stealing them, and then they’re probably going to encrypt you. So in today’s attacks that we’re seeing, they’ve already got all the goods stolen before they encrypt you.

It’s really important to understand this. And really, from a personal standpoint, what I am working on very diligently is trying to figure out ways to know whenever they’re first basically coming in the front gate. I don’t want them in the bedroom with me before I know that they’re in the house and they’ve already plundered every room and they have a gun to my head and I’m lying up in bed. You want to find out way ahead of time that they’re in the house.

For the good guys like us, it’s great that there are these entities out there that are documenting each attack, and we can submit our log files to them and they will parse through them and look at them to help us determine when and where the actual breach happened, and then the techniques by which the attackers took a simple email compromise and escalated it into a major ransomware attack. This is a little technical, but not that technical. If you were to study a battlefield, this is ultimately how the bad actors are operating. They call it the cyber kill chain. In the same way that the armed forces work on kill chains to take over an enemy’s land and territory, this follows that same pattern. It’s very interesting. It’s not as complex as you might think, but you need to understand it. You need to have a defense-in-depth strategy to protect your organization, because if you do not have certain barricades up, the bad actors are going to exploit you.

Nowadays, with all of the attorneys being involved in this cyber liability insurance, it adds such a complication to your life, not only from a monetary standpoint but just having to go through that. I’ve been with many clients as they’ve gone through it, and I guarantee it’s taken years off their lives. So if you have more questions, please reach out. This is something that every business owner needs to be addressing right now.




Phillip Long, CEO of BIS - Managed IT Services Provider


Phillip Long – CISSP, CEO of , along with his team of marketing and information technology experts, will walk you through an overview of what your business should be doing to protect your data and plan your digital marketing strategies.



You may reach out to us at:
Phone: 251-405-2555