Richard Struse Joins MITRE ATT&CK Advisory Council, Enhancing Cyber Defense Strategy
On March 2, 2026, Tidal Cyber announced the appointment of Richard Struse, its Co-Founder and Chief Technology Officer, to the newly established MITRE ATT&CK® Advisory Council. This independent council is dedicated to ensuring the sustainability and strategic evolution of the MITRE ATT&CK program, a globally recognized framework for understanding adversary behavior in cybersecurity.
Richard Struse brings a wealth of experience to the council, having been a visionary leader in threat-informed defense. Before co-founding Tidal Cyber, he was instrumental in launching MITRE's Center for Threat-Informed Defense. In this role, he collaborated with international enterprises and governmental bodies, enhancing the practical applicability of the ATT&CK framework. His earlier achievements include developing the STIX™ and TAXII™ standards for cyber threat intelligence, which laid the groundwork for effective information sharing across various sectors. These innovations have since become essential components of MITRE ATT&CK's foundational structure.
MITRE ATT&CK offers a comprehensive repository of adversary tactics and techniques based on real-world observations, serving as a common language for the cybersecurity community. As Richard Struse stated, "MITRE ATT&CK transformed how the industry classifies and communicates adversary tactics and techniques." He expressed his gratitude for joining the Advisory Council, emphasizing his commitment to ongoing improvements in the framework to serve the global defense community effectively.
Tidal Cyber is recognized as a pioneering force in Threat-Led Defense, a concept that prioritizes operational tactics over basic attack techniques. Struse's appointment aligns with the company’s recent announcement regarding an innovative evolution of its Threat-Led Defense platform, which has been redefined to focus on adversary procedures. This approach highlights the concrete, step-by-step actions attackers take to achieve their objectives, shifting the focus from mere classification to understanding execution in cybersecurity.
For over a decade, cybersecurity initiatives have primarily sought to align defenses with a taxonomy of tactics and techniques. While this classification laid the groundwork for common understanding, it often overlooked the actual mechanisms that lead to successful attacks. Tidal Cyber's procedure-led model introduces a vital execution layer that allows organizations to map out the exact steps attackers take, pinpoint vulnerabilities in defenses during execution, and prioritize actions to disrupt the success of attacks effectively.
Struse elaborated, stating, "ATT&CK provides the taxonomy. Threat-Led Defense establishes the execution layer. Procedures are the exact steps attackers take to succeed." He highlighted that by transforming adversary procedures into quantifiable objects, organizations can move past simple defensive mapping and begin to identify critical intervention points that can dramatically disrupt attacks. This strategic shift from classification to disruption forms the foundation of Tidal Cyber's unique position in the industry.
The Threat-Led Defense platform operationalizes defensive procedures, structuring them into measurable objects that organizations can utilize. With an expanding Procedures Library and the NARC AI engine, Tidal Cyber is at the forefront of reformulating unstructured threat intelligence into actionable guidance. This empowers organizations to assess and mitigate the probability of successful attacks while reducing overall residual risk.
It’s important to note that while the MITRE ATT&CK Advisory Council provides strategic input, it does not govern the ATT&CK framework. MITRE will take into account the council's insights as it continues to advance the ATT&CK program for the global cybersecurity community.
In summary, Richard Struse's role on the MITRE ATT&CK Advisory Council represents a pivotal step in refining cybersecurity strategies. As Tidal Cyber continues to push boundaries in Threat-Led Defense, organizations can expect enhanced guidance and support in operationalizing their defenses against evolving threats.