What is CORIE?
Why do organisations care about CORIE?
-
Help you test your defences against such attacks and the real impact on your business
-
Provide visibility on the critical gaps in your security posture
-
Measure the effectiveness of your current controls against a realistic attacker
-
Highlight the effective controls and processes you are doing that must continue
-
Prioritise cyber investments and resources to make improvements in your cybersecurity strategy
What are the key components of the CORIE Framework?
Threat Intelligence-based scenarios:
Critical to the CORIE exercises are the Threat Intelligence-based scenarios – specific testing scenarios and attack patterns based on the tactics, techniques and procedures of known threat actors. At this stage, CTRL will curate scenarios fitting to your organisation’s unique needs, industry-specific and threat intelligence.
Scenario-based Adversary Simulation:
During the attack execution, CTRL’s Red Team will emulate the behaviour and attack patterns of threat actors.
Attack Reporting and Remediation Planning:
Through a CORIE exercise, a detailed report is produced to supply relevant and impactful insights to team members across all levels of the business. This is then followed by actionable strategies for your team to enable your business to implement action to mature your cybersecurity resilience. The report is then provided back to the Council of Financial Regulators on the exercises and their outcomes.
What does a typical CORIE Engagement look like at CTRL Group?
Threat Intelligence
-
Identify primary adversaries targeting the FI
-
Find adversaries’ modus operandi
-
Gather available information that will aid in the success of the modus operandi
-
Provide the FI with an understanding of the information available about them.
Adversary Attack Simulation
-
Assess people, processes, and technology end-to-end maturity with regards to cyber defence not otherwise assessed by traditional vulnerability assessment and security testing methodologies
-
Assess the FI’s security prevention, detection and response capability
-
Reveal attack paths and techniques that may have not been considered
-
Assess the maturity of the FI’s processes in reacting to adversaries