Understanding Zero Trust Security Implementations via the MITRE ATT&CK and D3FEND Frameworks: Uncovering Trends Across a Decade of Breaches
| dc.contributor.author | Menard, Philip | |
| dc.contributor.author | Reyes, Elizabeth | |
| dc.contributor.author | Bateman, Ray | |
| dc.date.accessioned | 2024-12-26T21:06:00Z | |
| dc.date.available | 2024-12-26T21:06:00Z | |
| dc.date.issued | 2025-01-07 | |
| dc.description.abstract | Information sharing is paramount to operating within the modern business domain. However, with information sharing comes the risk of data breaches. One of the key challenges facing organizations is the ability to trace, and therefore trust, digital information flows. Due to its central philosophy of verifying network traffic before trusting it, zero trust security is an approach to cyber defense architecture that is rapidly gaining popularity across organizations. Although fully adopting zero trust should greatly reduce an organization’s likelihood of suffering a breach, organizations adopt zero trust in varying degrees. In this manuscript, we aim to better understand how zero trust has been adopted over the last decade, using Verizon’s Data Breach Incident Report dataset as a representative sample whereby we may infer lack of zero trust adoption via observable breaches. We find that certain aspects are positively correlated with breach occurrences, while others are negatively associated. | |
| dc.format.extent | 9 | |
| dc.identifier.doi | 10.24251/HICSS.2025.231 | |
| dc.identifier.isbn | 978-0-9981331-8-8 | |
| dc.identifier.other | c13323a3-9b39-43b1-9dc2-b42dc77d92cb | |
| dc.identifier.uri | https://hdl.handle.net/10125/109071 | |
| dc.relation.ispartof | Proceedings of the 58th Hawaii International Conference on System Sciences | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.subject | Cybersecurity and Privacy in Government | |
| dc.subject | zero trust; cybersecurity; cyber attacks; threat intelligence; attack and defend | |
| dc.title | Understanding Zero Trust Security Implementations via the MITRE ATT&CK and D3FEND Frameworks: Uncovering Trends Across a Decade of Breaches | |
| dc.type | Conference Paper | |
| dc.type.dcmi | Text | |
| prism.startingpage | 1861 |
Files
Original bundle
1 - 1 of 1