Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

What is the cyber kill chain? Why it's not always the right approach to cyber attacks

Maria Korolov, Lysa Myers | Nov. 8, 2017
Lockheed Martin's cyber kill chain approach breaks down each stage of a malware attack where you can identify and stop it, but be aware of how attack strategies are changing.

Then there are the attacks against third-party providers -- or even fourth party providers. Law firms, marketing firms, and other vendors may have access to sensitive corporate documents. Financial institutions often use third-party processing systems. Health organizations routinely rely on outside vendors. 

To avoid breaches and regulatory fines, organizations need security processes that reach beyond the boundaries of their own networks. That includes document management systems, third-party audits, and vendor agreements that require providers to main needed security controls and have adequate cyber insurance policies. 

"We need to rethink the attack life cycle to include visibility of data beyond enterprise walls, wherever it travels, and to offer people a better way to control what happens to their data once it leaves the network," said Salvatore Stolfo, professor of computer science at Columbia University and the founder and CTO at Allure Security Technology. 

More on cyber attacks:

IDG Insider

 

Previous Page  1  2  3  4  5  6 

Sign up for CIO Asia eNewsletters.