IEEE Access (Jan 2024)

Research on Improving Cyber Resilience by Integrating the Zero Trust Security Model With the MITRE ATT&CK Matrix

  • Gwanghyun Ahn,
  • Jisoo Jang,
  • Seho Choi,
  • Dongkyoo Shin

DOI
https://doi.org/10.1109/ACCESS.2024.3417182
Journal volume & issue
Vol. 12
pp. 89291 – 89309

Abstract

With the advent of the digital information age, the dynamics of cyberspace are rapidly evolving, resulting in a significant increase in cyber threats. In this paper, we propose to integrate the Zero Trust (ZT) security model and the MITRE ATT&CK matrix to address the need for enhancing cyber resilience, which is an organization’s ability to recover quickly from a cyber-attack or security incident. This research focuses on a variety of cyber threats that pose significant risks to organizations, including phishing, ransomware, insider threats, and advanced persistent threats (APTs), which are prevalent in public sector organizations. These threats exploit vulnerabilities in an organization’s network and information systems. The ZT model’s principle of “never trust, always verify” ensures that all network traffic is inspected equally and emphasizes key elements such as micro-segmentation, continuous authentication, and the principle of least privilege. The findings of this study provide practical metrics for implementing and managing the effective integration of the ZT and ATT&CK models and demonstrate that this synergy can significantly improve an organization’s resilience to cyber threats. In addition to introducing a new paradigm in cybersecurity, the study highlights the importance of the Zero Trust model as an integral part of a modern security strategy and confirms that organizations can proactively analyze the evolving cyber threat landscape to ensure a more secure and resilient digital future. In particular, the integration between ZT and the MITRE ATT&CK matrix is essential, as current security approaches do not fully address the complexity and sophisticated nature of various cyber threats. These research gaps are identified, and practical solutions are proposed to integrate the two models, thereby strengthening an organization’s cyber defense mechanisms.

Keywords