In the quest to stay ahead of cyber-threats, many cyber-security teams have turned to a
well-understood military concept, the kill chain, which details how
adversaries structure their attacks. They are working to implement their
own defenses in order to anticipate and react to where the attacks are
coming from.

But Chris Coleman, CEO of LookingGlass, said that most
common security architectures do not address the complete concept of the
cyber kill chain and instead just defend their organization's
perimeter.

"Organizations are faced with threats that are continuously
evolving to avoid detection before and after their targets are
exploited. Ideally, threats are mitigated early in the cyber kill chain.
This avoids the threat actor gaining a foothold within an organization
to attack laterally and find higher value assets," said Allan Thomson,
CTO of LookingGlass Cyber Solutions, which focuses on addressing threats
throughout the life cycle.

Below are his tips on how to handle threats
during seven stages of the chain: reconnaissance, weaponization,
delivery, exploitation, installation, command-and-control, and
privileged operations, resource access and exfiltration. The report
features Gartner research.