From ATT&CKcon 4.0 By Phil Davies, Distilled Security "You have had a pen test, a red team or a threat intelligence report and drawn up a plan for remediation. You have been told you have 15 mins in front of the CFO in 48 hours! How do you show ,on one page, the connection between the techniques you are exposed and vulnerable to, the path of least resistance and the focused control changes required right now? How will the CFO get the picture so the result is ""I get it, what do you need?"" Understanding ATT&CK as a practitioner is great with the current matrix but it is inaccessible to the CFO. But it doesn't have to be that way. Phil will chart the journey to improved visualisation of ATT&CK techniques. He will show how the DNA of ATT&CK doesn’t just make ATT&CK accessible for all but that it can be beautiful!"