From ffd4241e33b584fd331cc1108567c73f15e2f74e Mon Sep 17 00:00:00 2001 From: "Mark E. Haase" Date: Tue, 9 Apr 2024 15:44:01 -0400 Subject: [PATCH] Final updates for publication --- README.md | 4 ++-- docs/changelog.rst | 7 +++---- docs/conclusion.rst | 15 ++++++++++----- docs/dimensions.rst | 6 +++--- docs/index.rst | 6 +++--- docs/maxmature.rst | 16 ++++++++-------- docs/measuring.rst | 12 ++++++------ docs/spreadsheet.rst | 6 +++--- 8 files changed, 38 insertions(+), 34 deletions(-) diff --git a/README.md b/README.md index e2fa050..e5a81f2 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ # Measure, Maximize, and Mature Threat-Informed Defense The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what -Threat-Informed Defense (TID) is and the key activities associated with its practice. -The project captures insights and best practices for what it means to be threat-informed +Threat-Informed Defense is and the key activities associated with its practice. The +project captures insights and best practices for what it means to be threat-informed across a security program, expanding the dimensions of Threat-Informed Defense into key components that organizations can implement. For each of these components, the project defines specific elements of implementation maturity, which enables organizations to diff --git a/docs/changelog.rst b/docs/changelog.rst index 016a027..5dfbe5d 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -6,7 +6,6 @@ Measuring, Maximizing, and Maturing Threat-Informed Defense (M3TID) 1.0 1.0.0 -- April 11, 2024 - The initial release of M3TID includes the definition of TID, - the three Dimensions of TID, Components and Maturity Levels, - the TID measurement approach, and the proof of concept - assessment tool. + The initial release of M3TID describes the nature of threat-informed defense, + including its dimensions, components, and maturity Levels. It also provides a + scoring methodology and a spreadsheet for scoring your own organization. diff --git a/docs/conclusion.rst b/docs/conclusion.rst index 33a60e6..fbfcb96 100644 --- a/docs/conclusion.rst +++ b/docs/conclusion.rst @@ -1,15 +1,20 @@ Conclusion =========== -This new model is intended to complement existing cybersecurity frameworks and maturity models by focusing on the degree to which threat information is optimally leveraged in -an organization’s defenses. It outlines key components of cybersecurity likely to benefit most from leveraging threat information, along with defined levels of incorporation -of that knowledge for each. This model should be considered a hypothesis of what constitutes an effective threat-informed defense to be revised and improved as evidence is -gathered through its use. +This new model is intended to complement existing cybersecurity frameworks and maturity +models by focusing on the degree to which threat information is optimally leveraged in +an organization’s defenses. It outlines key components of cybersecurity likely to +benefit most from leveraging threat information, along with defined levels of +incorporation of that knowledge for each. This model should be considered a hypothesis +of what constitutes an effective threat-informed defense to be revised and improved as +evidence is gathered through its use. Acknowledgements ------------------ -The project team would like to thank our CTID participant companies for their support, engagement, and feedback. We would also like to thank all the experts internal and external to MITRE who contributed to M3TID. +The project team would like to thank our Center participants for their support, +engagement, and feedback. We would also like to thank all the experts internal and +external to MITRE who contributed to M3TID. The M3TID project team includes: diff --git a/docs/dimensions.rst b/docs/dimensions.rst index 9f71352..63d22db 100644 --- a/docs/dimensions.rst +++ b/docs/dimensions.rst @@ -44,9 +44,9 @@ Crucial to this idea of threat-informed defense is this imperative of proactive An effective threat-informed defense must continuously learn and evolve to optimally implement defensive measures to keep pace with new threats and technologies. -In the sections that follow, the three main Dimensions of TID will be explained, as well -as their key components. These components are discussed in more detail on the Key -Components and Maturity Levels page, along with key best practices for each component. +In the sections that follow, the three main dimensions of thread-informed defense will +be explained, as well as their key components. These components and their best practices +are discussed in more detail in :doc:`components/index`. Cyber Threat Intelligence - Know the Adversary ---------------------------------------------- diff --git a/docs/index.rst b/docs/index.rst index ed25b74..c2989d3 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -4,9 +4,9 @@ Measure, Maximize, and Mature Threat-Informed Defense |version| .. image:: _static/tid.png The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what -Threat-Informed Defense (TID) is and the key activities associated with its practice. -The project captures insights and best practices for what it means to be threat-informed -across a security program, expanding the dimensions of Threat-Informed Defense into key +threat-informed defense is and the key activities associated with its practice. The +project captures insights and best practices for what it means to be threat-informed +across a security program, expanding the dimensions of threat-informed defense into key components that organizations can implement. For each of these components, the project defines specific elements of implementation maturity, which enables organizations to assess and to understand the current and future state of their threat-informed defense diff --git a/docs/maxmature.rst b/docs/maxmature.rst index 56b1595..caf7d52 100644 --- a/docs/maxmature.rst +++ b/docs/maxmature.rst @@ -52,25 +52,25 @@ practices and maturity levels, and determines to implement the following improve Those changes result in the following updated scores and the accompanying graphs: .. figure:: _static/ex2scores.png - :alt: Improved TID and Component Scores + :alt: Improved Dimension and Component Scores :align: center :width: 80% - Improved TID and Component Scores + Improved Dimension and Component Scores .. figure:: _static/ex2kiviatdim.png - :alt: Radar Chart: Comparison of Improved TID Dimensions + :alt: Radar Chart: Comparison of Improved Dimensions :align: center :width: 80% - Radar Chart: Comparison of Improved TID Dimensions + Radar Chart: Comparison of Improved Dimensions .. figure:: _static/ex2kiviatall.png - :alt: Radar Chart: Comparison of all Improved TID Components + :alt: Radar Chart: Comparison of all Improved Components :align: center :width: 80% - Radar Chart: Comparison of all Improved TID Components + Radar Chart: Comparison of all Improved Components Tracking Improvement over Time ------------------------------ @@ -81,11 +81,11 @@ want to consider adding a historical record tab in their scoring spreadsheet to their changes over time. .. figure:: _static/multiyearscores.png - :alt: Multi-Year Overall TID and Dimension Scores + :alt: Multi-Year Overall and Dimension Scores :align: center :width: 80% - Multi-Year Overall TID and Dimension Scores + Multi-Year Overall and Dimension Scores .. figure:: _static/kiviatovertime.png :alt: Radar Chart: Component Improvement Over Time diff --git a/docs/measuring.rst b/docs/measuring.rst index 17e14ed..1c423e2 100644 --- a/docs/measuring.rst +++ b/docs/measuring.rst @@ -90,25 +90,25 @@ a :doc:`spreadsheet calculator `. The screenshots below are taken f Results tab of that calculator. .. figure:: _static/ex1scores.png - :alt: Overall TID and Component Scores + :alt: Overall Dimension and Component Scores :align: center :width: 80% - Overall TID and Component Scores + Overall Dimension and Component Scores .. figure:: _static/ex1kiviatdim.png - :alt: Radar Chart: Comparison of TID Dimensions + :alt: Radar Chart: Comparison of Dimensions :align: center :width: 80% - Radar Chart: Comparison of TID Dimensions + Radar Chart: Comparison of Dimensions .. figure:: _static/ex1kiviatall.png - :alt: Radar Chart: Comparison of all Key TID Components + :alt: Radar Chart: Comparison of all Key Components :align: center :width: 80% - Radar Chart: Comparison of all Key TID Components + Radar Chart: Comparison of all Key Components After an organization conducts this initial assessment and understands the current status of their threat informed defensive program, the scoring and associated diff --git a/docs/spreadsheet.rst b/docs/spreadsheet.rst index 2fefd56..1565cc2 100644 --- a/docs/spreadsheet.rst +++ b/docs/spreadsheet.rst @@ -2,7 +2,7 @@ Appendix B - Scoring Spreadsheet ================================ As part of the M3TID project, the team implemented the Dimensions, Components, and Maturity Level framework, as well as the -measurement approach, in an Excel-based tool to make leveraging the M3TID framework more accessible for the +measurement approach, in an Excel-based tool to make leveraging the M3TID framework more accessible for the community. The tool has 6 main tabs, described below: * Introduction: Summarizes the intent and objectives of the M3TID project overall. @@ -10,8 +10,8 @@ community. The tool has 6 main tabs, described below: * CTI: Definitions of CTI Components and Levels, and CTI maturity scoring. * DM: Definitions of DM Components and Levels, and DM maturity scoring. * T&E: Definitions of T&E Components and Levels, and T&E maturity scoring. -* Results: Tab that calculates the organization's Dimension-level and Overall TID scores. -* Example Historical Change: Example tab provided to show how to track change over time. This tab does not automatically pull data from any other tab. +* Results: Tab that calculates the organization's Dimension-level and Overall scores. +* Example Historical Change: Example tab provided to show how to track change over time. This tab does not automatically pull data from any other tab. The tool is available using the Download button below: