Twitter Facebook LinkedIn Flipboard 1 While “The Cyber Kill Chain” sounds like the latest Die Hard installment (we get it Bruce, you’re tough – move on) it’s actually an incident-response analysis model developed by Lockheed Martin. It lays out seven stages cyber attackers go through when they set out to bust into your system. The stages also sound like something out of an action movie. (Not to make light of cyber attacks for obvious reasons, but it’s possible that the team behind this model got a wee bit carried away and could benefit from some fresh air and vitamin D.) Reconnaissance Weaponization Delivery Exploitation Installation Command & Control (or C2) Action on Objectives It sounds exciting and frightening but in reality attackers can breeze through steps one to six in relatively little time. For example, when sending a virus or malware out via email with a catchy subject line such as, “Nigerian prince wants to give you $1 million,” or the ever-enticing, “Oprah loves this and you will too!” Step seven – carrying out the actual cyber crime itself, can take days or months. Not really action movie worthy. Some view the Cyber Kill Chain as a useful framework for knowing where and how to break the chain and prevent an attack. The chain also shows that there are plenty of opportunities to get out ahead of attackers (stages one to six) rather than waiting till they’ve reached stage seven and reacting after the fact. Others suggest that it’s too intrusion-centric and old-school; a build-a-wall-around-it way of thinking about security that focuses mainly on malware, which is not the primary threat it once was. Instead of focusing on perimeters we should be using breach detection systems that detect changes in user behavior early on. The more data you collect about your systems long before an attack occurs, the more quickly you will be able to detect an anomaly and shut down it down before any damage can be done. Whichever way you see it, the answer is clear: prevention is better than response. (Even if it doesn’t make for a good action movie or 6.) Yippee ki-yay… well, you know. Twitter Tweet Facebook Share Email This article originally appeared on revert.io and has been republished with permission.Find out how to syndicate your content with B2C Author: Kat Popovic Follow @katpopovic Kat is a copywriter & blogger in LA, where she's lived for 15 years. A regular blogger for cloud-to-cloud backup company Revert.io, she understands the business side of business, but also the power of creativity. She loves meeting & working with new people to help them tell their stories at CopyKatLA.… View full profile ›More by this author:What to Do if Your Identity Is SwipedHow Safe Are Your Passwords?Get Out in Front of Data Loss