Most enterprises focus on preventing cyber attacks by relying only on commercial, closed-source cybersecurity products. They currently use many strategies and models (e.g., zero trust) and have many controls in place, but they can’t manage them effectively. The key problem is enterprises’ purchasing behavior and unclear information paths. While these strategies and models are effective against some types of threats, they fail against advanced threat operations, and defenders need time to adapt them, which increases cost and disperses technical resources in times of austerity. What if we change the game between defenders and adversaries? Defenders draw real information paths and deceptive paths through iterative processes. This helps them understand adversary behaviors, adapt defensive controls, and get more indicators to improve intelligence capabilities. It also improves security teams’ critical and active thinking approaches. During this talk, we will discuss the importance of cyber strategic planning by applying adversary engagement, as well as the structure of adversary engagement and the role of MITRE ATT&CK in cyber adversary engagement analysis.
Amgad Magdy is the leader of SnellSec, "An Innovative Emirati Company", and his academic research focuses on cyber active defense approaches. He works as a cybersecurity consultant for various enterprises in the MENA region, with experience in cyber threat intelligence and digital forensics investigation. He is also a BSides Cairo organizer and MITRE ATT&CK Community lead in Africa & Middle East.