Chertoff Group & Tidal Cyber partner to deliver threat-informed defense

With this new offering, enterprise security organizations will be able to keep pace more effectively with rapidly evolving cyber threat groups.
Aug. 3, 2023
3 min read

August 3, 2023 -- WASHINGTON, D.C. -- The Chertoff Group and Tidal Cyber today announced a joint offering to deliver threat-informed defense as a managed service. With this new offering, enterprise security organizations will be able to keep pace more effectively with rapidly evolving cyber threat groups. By leveraging the Enterprise Edition of Tidal Cyber’s platform, The Chertoff Group can help organizations:

  • Understand which tactics, techniques and procedures (TTPs) matter most as adversary behaviors evolve;
  • Rapidly assess whether existing security products and capabilities adequately cover those evolving TTPs; and
  • Identify solutions that can rapidly address critical coverage gaps as they emerge.

Enterprise security teams continually tune their cyber defenses against threat behaviors that are most likely to be used by evildoers to attack. However, keeping pace with rapidly evolving threat groups and the hundreds of tactics, techniques and procedures (TTPs) they employ is difficult. Understanding whether currently deployed security products can defend effectively against those TTPs is even harder. Accurately assessing which of the thousands of capabilities available from hundreds of vendors can best defend against those TTPs has been nearly impossible for even the largest of security organizations.

Delivered as a managed service, The Chertoff Group will integrate key elements of its threat-informed defense operating model into the combined offering to solve these issues. This approach includes delivering as a service inherent risk profiling, high-value asset categorization, threat profiling, coverage mapping, continual risk-based optimization, ongoing testing and assurance, and threat hunting support.

Chertoff Group Executive Chairman and Co-Founder Michael Chertoff said, “It is becoming practically impossible to ensure that everything is properly patched, and we need to change the way we measure performance. The Tidal team have been pioneers in threat-informed defense, and Tidal is an exceptional partner for us as we help clients better defend themselves and continuously measure cybersecurity performance with accuracy and precision.”

The joint offering applies a deep understanding of the MITRE ATT&CK framework through the Tidal Cyber Enterprise Edition platform. ATT&CK is the most comprehensive, authoritative approach to mapping of threat actors to tactics, techniques and procedures (TTPs) openly available today. Tidal’s platform empowers users to extend that knowledge base to keep pace with the rapidly evolving threat environment.

The Tidal Cyber Enterprise Edition helps streamline the ability for security organizations to discover and fill security gaps as adversaries evolve by enabling efficient Threat Profiling and Coverage Mapping. Threat Profiling enables security operators to add and automatically track the behavioral evolution of multiple important threat objects (groups, malware families, campaigns) that are likely to attack a given enterprise.

Coverage Mapping automatically assesses risk to an asset or group of assets by a Threat Profile on a TTP-by-TTP basis. Coverage Mapping makes it easy to discover important capability gaps and guides the reallocation of costly resources toward those gaps that represent the greatest risk to the enterprise.

“We are extremely proud to work with The Chertoff Group in this important collaboration,” said Tidal Cyber CEO Rick Gordon. “The Chertoff Group is a globally recognized expert in threat-informed defense. They have helped many of the most sophisticated enterprise security organizations around the world leverage advanced knowledge of adversary behaviors to effectively manage cyber risk.”

Sign up for our eNewsletters
Get the latest news and updates

Voice Your Opinion!

To join the conversation, and become an exclusive member of Security Info Watch, create an account today!