The Center for Internet Security Community Defense Model (CIS CDM) is how to identify critical attacks. The session will cover the process of using attack summaries (Verizon DBIR), describing them (MITRE ATT&CK framework), and translating them into defensive action (CIS Critical Security Controls and the CIS Benchmarks). Will discuss adapting the process for many other risk and defensive analyses.