Why threat modeling and adversary emulation

Question: The Board of Directors of your company has asked the Chief Information Security Officer (CISO), who is your boss, how well protected the organization is against ransomware. The CISO knows you have been studying threat modeling and asks you to develop a PowerPoint presentation describing the process that could be used to emulate threat actors who have a known history of employing ransomware. The CISO will use this presentation to gain approval from the CEO for conducting a focused penetration test to highlight where you may be vulnerable to a ransomware attack.

Utilizing your readings from this week, especially those related to the MITRE ATT&CK framework and PTES Threat Modeling information, develop a PowerPoint presentation, which does not exceed 15 slides, that explains why threat modeling and adversary emulation is valuable and how it could be used to guide a penetration test. Your presentation should include