We are excited to announce that the call for participation has been finalized for MITRE Engenuity’s ATT&CK Evaluations: Managed Services – Round 2. This annual evaluation is an essential part of our efforts to contribute to understanding the efficacy of the people, process, and technology relevant to security programs built to address adversary behavior. Much like its predecessors, 2023’s Managed Services Evaluation seeks to provide unbiased results that can inform cyber defenders how to better utilize and/or acquire the offerings that will make the difference for their organizations.
Welcome Managed Services 2023 Participants!
Last year, before launching our first Managed Services Evaluation, we surveyed participants to learn more about how organizations that rely on managed services view their position in the marketplace. The results proved how critical this annual ATT&CK Evaluation is. Of the organizations, surveyed, 58% relied on managed services to either complement their in-house security operations center (SOC), or as their main line of defense. When considering companies under 5,000 employees, the number jumped to 68%. Meanwhile, roughly half of these did not have high confidence in their managed service’s people or technology. This pales in comparison to those that leverage in-house SOCs, where confidence is far higher at 75%.
For this reason and more, we are thrilled to begin the 2023 Managed Services ATT&CK Evaluation. This second round of Managed Services ATT&CK Evaluations features numerous improvements to detract from interpretations emphasizing mere detection count and empower deeper analyses of the unique offering of each managed service provider within the context of the Emulation Plan. These improvements address key questions and comments from participants, which is critical to the ATT&CK Evaluations process and ethos. A blog post outlining the specifics of improvements will be published soon.
As always, our benchmarks for success are as follows:
© 2023 MITRE Engenuity, LLC. Approved for Public Release. Document number AT0054