Cyber Kill Chain: The Anatomy of a Cyber Attack

In this session, Rakesh Burgul (INS) looks at a cyber security model called the cyber kill chain. The idea originates from the American Defence contractor Lockheed Martin and is a way of looking cyber attacks from the attackers perspective. There are variants of the kill chain but in general, this structured approach to a cyber attack makes it easier for defenders to decide on cyber protections and at which point we might intervene in order to prevent cyber-attacks. When combined with a strong cyber intelligence capability, the cyber kill chain can be a powerful tool to anticipate attacks and defend your organisation. You should note that this will not be a technical presentation but will look at concepts and ideas instead. In this session, Rakesh will use the cyber kill chain as a mechanism to educate ourselves. He will cover: An introduction to the cyber kill chain How to think about cyber-attacks in relation to the kill chain Look at case studies in nuclear and non-nuclear environments that illustrate the use of the kill chain Look at the cyber-security controls available at each of the stages in order to intervene or interdict How strong intelligence can be used along with the kill chain to anticipate attacks