Kill Chain Tactics In Network Security

Written by: Francesco Trama | Published on: November 4th, 2016

About The Author

Francesco Trama
As Chief Executive Officer and Founder, Francesco is responsible for the overall operating performance, leading the strategic direction of the company’s products and solutions internally while building technical and business credibility externally as a market-facing thought leader.

I read a good article on Kill Chain tactics. The article subtile was:

What does the Library of Sparta have to do with modern IT security? Military strategies are increasingly common in cybersecurity – and with good reason

I understood the thinking, just not applicable for all businesses. Below is the response I wrote. I thought it would be useful to everyone if you’re considering this approach. I wouldn’t want you to get bogged down.

My Response: (Slightly modified)

Although I agree in the kill chain thinking, being ex-military myself. I get it, makes sense because we’re thinking down these lines already because in part its our business.

There’s much we can all learn in today’s military tactics, but we have to keep in mind – military tactics are based on many factors such as scale of force, enemy capabilities, size, and theater of operation.Equinox-Tactical-Spartan-Race-768x432.jpg

To me it would seem this particular tactic would be useful for the cyber security forensic labs, Government, Military, or large heavily vested enterprises. The reality in the SMB or SME space is time, training, persistence, tools, and budget. The SMB, and SME is where huge network security problems are and magnified, because it’s urban warfare, and a door-to-door street fight. At this level combat tactics change, and decisions here must be made quickly with low resources, tools, and time. Kill Chain tactics would not be as effective because there are too many pieces missing.

I would rather have a blend of offense and defense – shoot and scoot, clean up, secure, always pushing the perimeter outward, defend ground, and repeat. Let the attackers try and figure out the Kill Chain and we’ll focus on finding, and eliminating their capabilities.{{cta(‘276ea17d-e7d1-4851-acb5-5a94e45af9a6′,’justifycenter’)}}