What is the cyber kill chain? Why it’s not always the right approach to cyber attacks

As an infosec professional, you’ve likely heard about using a cyber kill chain, also known as a cyber attack lifecycle, to help identify and prevent intrusions. Attackers are evolving their methods, which might require that you look at the cyber kill chain differently. What follows is a recap of what the cyber kill chain approach to security is and how you might employ it in today’s threat environment.

What is a cyber kill chain?

In military parlance, a “kill chain” is a phase-based model to describe the stages of an attack, which also helps inform ways to prevent such attacks.

The closer to the beginning of the kill chain an attack can be stopped, the better. The less information an attacker has, for instance, the less likely someone else can use that information to complete the attack later.