Company arms the cybersecurity community with best practices aligned to NIST CSF and MITRE ATT&CK to proactively protect the human attack surface
WASHINGTON, D.C., U.S., June 15, 2023 /EINPresswire.com/ — Most organizational breaches today continue to be the result of human-centric attacks involving social engineering and credential compromise, according to Verizon’s 2023 DBIR report. These attacks persist because they rely on the exploitation of the largest security gap companies have: the human attack surface of employees, contractors, and third parties. With threat actors now having the capability to leverage AI, the effectiveness and scale of these human-centric attacks are increasing to unprecedented levels.
“As the first framework dedicated to social engineering and human compromise risk reduction, HASP sets the standard for the industry.” Jim Routh, Former CSO and CISO
Cyber defenders lack a holistic and comprehensive cybersecurity framework to address the human attack surface, which sits at the intersection of open-source intelligence (OSINT) and social engineering. As the leader in the field of human attack surface protection, Picnic Corporation has taken the lead to bring together thought leaders and create a critical framework to directly address human-centric attacks.
In an effort to fill the defensive gap, the company has just announced the release of the Human Attack Surface Protection (HASP) Framework, an original roadmap to help organizations proactively protect their human attack surfaces and reduce the risk of human-centric attacks involving social engineering and exposed data. The HASP Framework has been developed by Picnic in collaboration with cybersecurity experts worldwide. It is aligned to NIST CSF and MITRE ATT&CK with the goal of arming the cybersecurity community
with best practices that directly and proactively reduce the human attack surface. “As the threat landscape continues to evolve, it’s essential that we provide our customers with the most comprehensive solutions,” says Matt Polak, Founder and CEO of Picnic. “Our
partnership with leading cybersecurity experts and the launch of our HASP Framework underscores our commitment to proactively protecting against attacks that exploit the human element.”
Born out of a deep understanding of threat actor reconnaissance techniques and TTPs that leverage the human attack surface, the HASP Framework serves as a North Star for how the industry tackles the problem of human-centric attacks. Its founding contributors include Jim Routh, Former CSO and CISO; Rachel Tobac, CEO of SocialProof Security; Robert M. Lee, Founder and CEO of Dragos; Lt. Gen. Charles L. Moore Jr., Deputy Commander, U.S. Cyber Command (ret.); Timothy J. “TJ” White, Vice Admiral & Commander of Fleet Cyber Command, 10th Fleet, and Navy Space Command (ret.); Chris Key, Former Chief Product Officer of Mandiant and Founder of Verodin; Niloofar Razi Howe, Cybersecurity Strategist and Executive; Ben Fried, Former CIO of Google; Jessica Brooks, VP, Cybersecurity Compliance of Goldman Sachs; Jim Somborovich, Cybersecurity Leader & Veteran (USMC); Jonathan Cran, Product & Engineering Leader at Google; Frank Catucci, CTO & Head of Security Research at Invicti Security, and other leading experts in the field.
By leveraging HASP, organizations can effectively protect their human attack surface, resulting in an improved overall security posture, more focused intelligence, a lower number of active threats, less attention fatigue at the SOC, and reduced cybersecurity operating expenses.
“HASP is specifically designed to provide organizations with the roadmap to preemptively address their human attack surface data and dramatically reduce their risk of falling victim to a breach,” says Parag Baxi, VP of Product at Picnic Corporation. “We have utilized this framework in our own product development and, in doing so, we are able to provide our customers with the most advanced human attack surface protection solution possible.”
The HASP Framework is a tangible example of Picnic’s thought leadership and expertise in the field of human-based cybersecurity, and its launch marks a major milestone in the industry’s efforts to fill the largest defensive void in cybersecurity.
“As the first framework dedicated to social engineering and human compromise risk reduction, HASP sets the standard for the industry,” says Jim Routh, Former CSO and CISO. “Picnic is at the forefront of this critical issue and this framework, especially in tandem with Picnic’s platform, helps organizations ensure the highest level of protection for their people.”
For more information about HASP and how it can help protect your organization from social engineering and credential stuffing attacks, please visit https://getpicnic.com/human-attacksurface-protection-framework/ or contact [email protected].
About Picnic
Picnic Corporation is an innovative cybersecurity firm that provides enterprises with the capability to manage their external human attack surface and to detect, prevent, and protect against social engineering and credential stuffing attacks. Picnic’s platform automatically emulates threat actor reconnaissance on the public data footprint of an organization and its people for defensive purposes. Our technology continuously monitors and reduces company and employee OSINT exposure, commonly leveraged for social engineering and initial access, preemptively disrupts attacker reconnaissance and resource development, and proactively neutralizes human risk beyond the corporate perimeter to prevent organizational compromise. For more information, contact Picnic at [email protected], visit us at getpicnic.com, and follow us on Twitter and LinkedIn.
For media inquiries, contact us at: [email protected]