CAF Outcome D1.c: Testing and Exercising

From the UK NCSC's Cyber Assessment Framework (version 3.1):

Your organisation carries out exercises to test response plans, using past incidents that affected your (and other) organisation, and scenarios that draw on threat intelligence and your risk assessment.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

NCSC CAF Mapped to NIST CSF

D1.c: Testing and Exercising to CSF mappings generated from UK Cabinet Office table.

Search:

Control ID	Description
ID.SC-5	Response and recovery planning and testing are conducted with suppliers and third-party providers
RC.IM-2	Recovery strategies are updated
RC.IM-1	Recovery plans incorporate lessons learned
PR.IP-4	Backups of information are conducted, maintained, and tested
PR.IP-10	Response and recovery plans are tested

Showing 1 to 5 of 5 entries

ATT&CK Mitigations

MITRE ATT&CK mitigations which map to this CAF outcome, based on mappings by Ofgem.

Threat Intelligence Program

A threat intelligence program helps an organization generate their own threat intelligence information and track trends to inform defensive priorities to mitigate risk.

Related ISA/IEC 62443 Controls

Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CAF outcome, taken from mappings by Ofgem.

Conduct drills (4.3.4.5.11)
ISA/IEC 62443-2-1:2009

Related SP800-53 Controls

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Search:

Node
IR-4: Incident Handling
IR-3: Incident Response Testing
IR-6: Incident Reporting
CP-4: Contingency Plan Testing
IR-8: Incident Response Plan
CP-2: Contingency Plan
IR-9: Information Spillage Response
CP-6: Alternate Storage Site
CP-9: System Backup
PM-14: Testing, Training, and Monitoring

Showing 1 to 10 of 10 entries

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against. This is based on the above mappings to ATT&CK mitigations by Ofgem.

Search:

ATT&CK ID	Title	Associated Tactics
T1656	Impersonation	Defense Evasion
T1210	Exploitation of Remote Services	Lateral Movement
T1211	Exploitation for Defense Evasion	Defense Evasion
T1212	Exploitation for Credential Access	Credential Access
T1068	Exploitation for Privilege Escalation	Privilege Escalation

Showing 1 to 5 of 5 entries

CAF Outcome D1.c: Testing and Exercising

Cyber Threat Graph Context

NCSC CAF Mapped to NIST CSF

ATT&CK Mitigations

Threat Intelligence Program

Related ISA/IEC 62443 Controls

Conduct drills (4.3.4.5.11)

Related SP800-53 Controls

MITRE ATT&CK Techniques