How to defend against advanced threats
Considering the ongoing spate of high-profile security breaches, it’s become obvious that traditional defense tools are not enough to protect enterprises from advanced targeted attacks. The widely used castle-moat approach, which is based on strong perimeter and end-point protection alone, has failed to defend organizations against the evolving threat landscape and today’s advanced persistent threats.
Recent high-profile security breaches continue to worry organizations and are forcing new security strategies. Security executives are spending more time advising senior executives and other top business decision makers at their organization on security-related matters, according to the 2015 CSO Global State of Information Security survey.
It’s time to focus on a more inclusive strategy. To truly ensure that your organization is protected against advanced threats, you must better understand these attacks and how attackers are using advanced persistent threats to infiltrate your organization, compromise the security of your data, and cause irreparable business damage on a strong perimeter.
Enter the Cyber Kill Chain model
Modeled on evidence from actual network attacks, what is now known as the Cyber Kill Chain was first developed by researchers at Lockheed Martin, a global security and aerospace company that works closely with the U.S. Department of Defense and other U.S. government agencies as well as various international governments.
Designed with “a keen understanding of the adversary” to thwart advanced persistent threats, the Cyber Kill Chain has become a widely known, often quoted, and accepted reference in security circles. It has been adapted to meet the security needs of today’s enterprises, and is expected to become a standard to inform actionable security intelligence.
In today’s context, despite headlines on data breaches, it is essential to focus beyond penetration and perimeter defense. The Cyber Kill Chain is a tremendous tool which stresses the complexity of attacks and reminds us that they don’t start and stop at the breach stage. The enemy may be inside, but it doesn’t necessarily mean it has won already.
The Cyber Kill Chain can now be applied to enterprise infrastructure security requirements. It gives organizations a way to better understand how attackers use the cycle of compromise, persistence, and exfiltration to develop intrusion analysis and lay out appropriate defense plans along the entire security chain.
Proofpoint’s portfolio of advanced threat protection solutions maps to the Cyber Kill Chain model to fight advanced threats — and enables organizations to better stop advanced threats, detect them sooner, and automate threat response for faster threat remediation.
To help enterprises build stronger defenses and effectively protect against advanced threats, Proofpoint has produced a white paper, “Defending against Advanced Threats: Addressing the Cyber Kill Chain.” This report also incorporates the latest Gartner research and recommendations on how to address all seven phases of the Cyber Kill Chain.
Learn more on how to improve your security posture
