Back to basics

What is the cyber kill chain? Why it's not always the right approach to cyber attacks

Lockheed Martin's cyber kill chain approach breaks down each stage of a malware attack where you can identify and stop it, but be aware of how attack strategies are changing.

1 2 Page 2
Page 2 of 2

That's a treasure-trove of low-hanging fruit, said Nils Swart, head of products at Skyport Systems, Inc. "I'd expect more datasets to become available," he said. 

Beyond the firewall 

The traditional cyberattack life cycle also misses attacks that never touch enterprise systems at all. For example, companies are increasingly using third-party software-as-a-service (SaaS) providers to manage their valuable data. "Compromising credentials into SaaS applications means there are no exploits, no installation," said Johnson. 

Defending against attackers who buy their logins on the black market and never even touch a company's own infrastructure requires a completely different defense strategy, such as switching to a centralized, single sign-on system with two-factor authentication. 

Then there are the attacks against third-party providers -- or even fourth party providers. Law firms, marketing firms, and other vendors may have access to sensitive corporate documents. Financial institutions often use third-party processing systems. Health organizations routinely rely on outside vendors. 

To avoid breaches and regulatory fines, organizations need security processes that reach beyond the boundaries of their own networks. That includes document management systems, third-party audits, and vendor agreements that require providers to main needed security controls and have adequate cyber insurance policies. 

"We need to rethink the attack life cycle to include visibility of data beyond enterprise walls, wherever it travels, and to offer people a better way to control what happens to their data once it leaves the network," said Salvatore Stolfo, professor of computer science at Columbia University and the founder and CTO at Allure Security Technology. 

1 2 Page 2
Page 2 of 2
NEW! Download the Fall 2018 issue of Security Smart