August 3, 2023 – WASHINGTON, D.C. – The Chertoff Group and Tidal Cyber today announced a joint offering to deliver threat-informed defense as a managed service. With this new offering, enterprise security organizations will be able to keep pace more effectively with rapidly evolving cyber threat groups. By leveraging the Enterprise Edition of Tidal Cyber’s platform, The Chertoff Group can help organizations:
- Understand which tactics, techniques and procedures (TTPs) matter most as adversary behaviors evolve;
- Rapidly assess whether existing security products and capabilities adequately cover those evolving TTPs; and
- Identify solutions that can rapidly address critical coverage gaps as they emerge.
Enterprise security teams continually tune their cyber defenses against threat behaviors that are most likely to be used by evildoers to attack . However, keeping pace with rapidly evolving threat groups and the hundreds of tactics, techniques and procedures (TTPs) they employ is difficult. Understanding whether currently deployed security products can defend effectively against those TTPs is even harder. Accurately assessing which of the thousands of capabilities available from hundreds of vendors can best defend against those TTPs has been nearly impossible for even the largest of security organizations.
Delivered as a managed service, The Chertoff Group will integrate key elements of its threat-informed defense operating model into the combined offering to solve these issues. This approach includes delivering as a service inherent risk profiling, high-value asset categorization, threat profiling, coverage mapping, continual risk-based optimization, ongoing testing and assurance, and threat hunting support.
Chertoff Group Executive Chairman and Co-Founder Michael Chertoff said, “It is becoming practically impossible to ensure that everything is properly patched, and we need to change the way we measure performance. The Tidal team have been pioneers in threat-informed defense, and Tidal is an exceptional partner for us as we help clients better defend themselves and continuously measure cybersecurity performance with accuracy and precision.”
The joint offering applies a deep understanding of the MITRE ATT&CK® framework through the Tidal Cyber Enterprise Edition platform. ATT&CK is the most comprehensive, authoritative approach to mapping of threat actors to tactics, techniques and procedures (TTPs) openly available today. Tidal’s platform empowers users to extend that knowledge base to keep pace with the rapidly evolving threat environment.
The Tidal Cyber Enterprise Edition helps streamline the ability for security organizations to discover and fill security gaps as adversaries evolve by enabling efficient Threat Profiling and Coverage Mapping. Threat Profiling enables security operators to add and automatically track the behavioral evolution of multiple important threat objects (groups, malware families, campaigns) that are likely to attack a given enterprise. Coverage Mapping automatically assesses risk to an asset or group of assets by a Threat Profile on a TTP-by-TTP basis. Coverage Mapping makes it easy to discover important capability gaps and guides the reallocation of costly resources toward those gaps that represent the greatest risk to the enterprise.
“We are extremely proud to work with The Chertoff Group in this important collaboration,” said Tidal Cyber CEO Rick Gordon. “The Chertoff Group is a globally recognized expert in threat-informed defense. They have helped many of the most sophisticated enterprise security organizations around the world leverage advanced knowledge of adversary behaviors to effectively manage cyber risk.”
About The Chertoff Group
The Chertoff Group is an advisory firm of highly qualified experts that uses proven frameworks to help organizations achieve their business and security objectives in a complex risk environment. Our team helps organizations manage cyber, physical and geopolitical risks; navigate evolving regulatory and compliance requirements; and discover opportunities to win business and create value. Through our investment banking subsidiary Chertoff Capital, the firm provides M&A advisory services to companies in the defense technology, national security and cybersecurity markets. Together, we enable a more secure world. For more information, visit www.chertoffgroup.com.
About Tidal Cyber
Founded in January 2022 by a team of threat intelligence veterans with experience at MITRE, the U.S. Department of Homeland Security, and a wide range of innovative security providers, Tidal Cyber enables businesses to implement a threat-informed defense more easily and efficiently. Tidal helps its customers map the security requirements and capabilities of their unique environment against the industry’s most complete knowledgebase of adversary TTPs, including the MITRE ATT&CK knowledge base, additional open-source threat intelligence sources, and a Tidal-curated registry of security products mapped to specific adversary TTPs. For more information please contact: info@tidalcyber.com
Read our white paper.
