An Incident and Threat Management series by PwC
PwC cybersecurity professionals provide an inside glimpse into cyber attacks and reveal tactics and techniques that are common and yet often go undetected. PwC arms you with ways to mitigate the threat actors and their methods to exploit prevalent exposures.
This Incident and Threat Management series is for cyber specialists on the frontlines who want to confidently weaken adversaries. The introductions to each issue are a 1-minute brief for executives who want to understand the fundamental challenges.
PwC uses the the MITRE ATT&CK framework and knowledge base of adversary tactics and techniques based on real-world observations.
*This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors.
| Name | Description | PwC ITM Spotlight |
|---|---|---|
| Initial access | The techniques adversaries use to gain footing in a network. | |
| Execution | Techniques that allow an adversary to control code on a system. | |
| Persistence | Any activity that allows an adversary persistent system presence. | |
| Privilege escalation | The result of actions that allow an adversary to obtain a higher level of permissions on a system or network. | Forthcoming |
| Defense evasion | Techniques an adversary uses to avoid detection or other defenses. | |
| Credential access | Techniques that allow access to or control over a system or domain. | Detecting malicious actors who attempt to compromise credentials that access your IT assets |
| Discovery | Techniques allowing an adversary to gain system knowledge.
|
Inside the discovery phase of a cyberattack--and what you can do to counter it |
| Lateral Movement | Techniques that enable an adversary to access and control remote systems on a network. | Forthcoming |
| Collection | Techniques used to gather information prior to exfiltration. | |
| Exfiltration | Techniques that allow an adversary to remove sensitive information. | |
| Command and control | Methods for adversaries to communicate with systems under their control. |
