Cyber. Security

Respond …. Agree or disagree … 100 min word

The essence of an intrusion is that the aggressor must develop a payload to breach a trusted boundary, establish a presence inside a trusted environment, and from that presence, take actions towards their objectives. The intrusion kill chain is defined as reconnaissance, weaponization, delivery, exploitation, installation, command and control (C2), and actions on objectives. The cyber kill chain is a categorization of steps that trace stages of a cyber attack from the initial reconnaissance stages to the exfiltration of data — this aids in understanding and combat ransomware, security breaches, and advanced persistent attacks (APTs). The stages range from reconnaissance to the lateral movement to data exfiltration. The cybersecurity defense lifecycle has a NIST Framework created to help organizations reduce and better manage cyber risks. It depicts the phases of a continuous lifecycle on a continuum like so: identify, protect, detect, respond, and recover. The weakest spots in an organization’s security posture occur at the intersection of the attack surface, attack vectors, and lack of controls in place. Identifying these weak spots should be the first objective of all cybersecurity programs.

References

7 Stages Of Cyber Kill Chain Supplementary Reading. (n.d.). Retrieved from https://www2.deloitte.com/content/dam/Deloitte/sg/Documents/risk/sea-risk-cyber

What Is The Cyber Kill Chain And How To Use It (n.d.). Retrieved from https://www.varonis.com/blog/cyber-kill-chain/