CSO Perspectives (Pro) 5.26.20
Ep 8 | 5.26.20

Intrusion kill chains: a first principle of cybersecurity.

Show Notes

The intrusion kill chain is a cybersecurity first principle strategy.

Why work in the past when you can thrive in the future? The intrusion kill chain is an evolution over the antiquated concepts of defense in depth and tactical cybersecurity. In this lesson, Rick discusses the genius of the intrusion kill chain strategy, the seven attacker milestones that define every kill chain, and how to implement kill chain prevention with limited resources. The episode includes a detailed case study about implementing the strategy against APT 34 (OilRig) with Ryan Olson, Vice President of Threat Intelligence at Palo Alto Networks. 

Cybersecurity professional development and continued education.

You will learn about: defense-in-depth vs. intrusion kill chains, the 7 milestones of every successful attack, and how to defend against threat actors using the kill chain.

CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, follow CyberWire on social media, and join our community of security professionals: LinkedIn, Twitter, YouTube, Facebook, Instagram.

Additional first principles resources for your cybersecurity program.

For more intrusion kill chain and cybersecurity first principles resources, check the topic essay.

Selected Reading:

  1. “Compressing the Kill Chain” by Adam J. Hebert, 1 March 2003
  2. “Defense-In-Depth Against Computer Viruses” by Fred Cohen, Computers and Security, Volume 11, Issue 6, pp. 563-579, ISSN 0167-4048, October 1992
  3. “Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains” by Eric Hutchins, Michael Cloppert, Rohan Amin, Lockheed Martin Corporation, 2010
  4. “Trends In Computer Virus Research” by Fred Cohen, VXHeaven, sponsored by ASP, 1991