Today's top stories

What is the cyber kill chain? Why it's not always the right approach to cyber attacks

Lockheed Martin's cyber kill chain approach breaks down each stage of a malware attack where you can identify and stop it, but be aware of how attack strategies are changing.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

As an infosec professional, you’ve likely heard about using a cyber kill chain, also known as a cyber attack lifecycle, to help identify and prevent intrusions. Attackers are evolving their methods, which might require that you look at the cyber kill chain differently. What follows is a recap of what the cyber kill chain approach to security is and how you might employ it in today’s threat environment.

What is a cyber kill chain?

In military parlance, a "kill chain" is a phase-based model to describe the stages of an attack, which also helps inform ways to prevent such attacks. These stages are referred to as:

Find
Fix
Track
Target
Engage
Assess

The closer to the beginning of the kill chain an attack can be stopped, the better. The less information an attacker has, for instance, the less likely someone else can use that information to complete the attack later.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.