Tidal Cyber has announced that Richard Struse, Chief Technology Officer and Co-Founder, has been appointed to the newly established MITRE ATT&CK Advisory Council. This independent council was formed to help guide the long-term sustainability and strategic direction of the globally recognized MITRE ATT&CK program. As cyber threats continue to evolve in complexity and scale, the creation of this advisory body marks an important step in strengthening one of the industry’s most widely adopted threat intelligence frameworks.
Struse brings extensive experience in threat-informed defense and the operational application of MITRE ATT&CK. Before co-founding Tidal Cyber, he created and co-founded MITRE’s Center for Threat-Informed Defense, where he collaborated with global enterprises and government organizations to advance practical implementations of ATT&CK. Through this work, he helped organizations move beyond theoretical mapping and toward measurable security improvements.
Cyber Technology Insights: Tidal Cyber Partners with Crimson7 to Strengthen Threat-Led Defense and Hunting Intelligence
Earlier in his career, Struse also led the development of STIX and TAXII cyber threat intelligence standards. These standards established a structured architecture for intelligence sharing across industries and governments, laying critical groundwork for modern threat intelligence collaboration. Notably, these innovations later became foundational components of MITRE ATT&CK’s structural framework.
Across the cybersecurity landscape, professionals rely on MITRE ATT&CK as a practical reference model that systematically outlines how adversaries operate, drawing from documented attack patterns observed in actual incidents. Today, it functions as a shared taxonomy for cybersecurity professionals, enabling consistent communication, classification, and analysis of threat activity across the global security ecosystem.
“MITRE ATT&CK transformed how the industry classifies and communicates adversary tactics and techniques,” said Richard Struse, CTO and co-founder of Tidal Cyber. “Having helped advance its operational use through the Center for Threat-Informed Defense, I’m honored to join the Advisory Council and contribute to ensuring ATT&CK continues to evolve as a trusted and globally relevant foundation for defenders.”
Struse’s appointment comes at a pivotal time for Tidal Cyber. Recently, the company announced a significant evolution of its Threat-Led Defense platform, shifting its operating model to focus on adversary procedures the specific, step-by-step actions attackers execute to achieve their objectives. While traditional security programs have primarily mapped defenses to tactics and techniques, this approach often stops short of modeling how attacks unfold in practice.
Cyber Technology Insights: Tidal Cyber Appoints Cat Self to Lead Adversary Research Strategy
Therefore, Tidal Cyber’s procedure-led model introduces an execution layer that bridges the gap between high-level technique categorization and real-world attack execution. By doing so, organizations can model the precise steps attackers take, identify where defenses fail during execution, and prioritize security investments based on their ability to disrupt attacker success.
“ATT&CK provides the taxonomy,” Struse continued. “Threat-Led Defense establishes the execution layer. Procedures are the exact steps attackers take to succeed. When you turn adversary procedures into measurable objects, you move beyond mapping coverage and start identifying the points where disrupting the attack has the greatest impact. That shift from classification to prioritized disruption defines the category we’ve created.”
Through its expanding Procedures Library and NARC AI engine, Tidal Cyber operationalizes adversary procedures as structured, measurable components. The platform transforms unstructured threat intelligence into actionable, execution-specific guidance, enabling organizations to quantify residual risk and reduce the likelihood of successful attacks.
Notably, although the MITRE ATT&CK Advisory Council provides high-level strategic input, it does not exercise direct control or decision-making authority over the framework itself. Instead, MITRE will evaluate and consider the Council’s recommendations as it continues evolving ATT&CK to serve the global cybersecurity community.
Overall, Struse’s appointment reinforces the growing emphasis on operationalizing threat intelligence and bridging the gap between classification and disruption an evolution that aligns closely with the future direction of modern cybersecurity defense strategies.
Cyber Technology Insights: Tidal Cyber Introduces Waves of Influence Thought Leadership Program
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
