Use the following SANS 20 critical security controls to break the so-called cyber kill chain:
If an organization experiences an intrusion, however, it does not necessarily mean that they will experience a substantial loss of sensitive data. A critical time period exists during an attack – the period of time after the attacker has established a presence in the targeted environment, but before the attacker has been able to identify, access and exfiltrate key data. If an intrusion is detected before critical data is exfiltrated, the impact can be minimized. Organizations must develop capabilities not only to prevent successful attacks, but also to detect attacks in progress.
In this webinar, Solutionary will present one approach to develop these capabilities. This approach maps the defensive techniques presented in the SANS 20 Critical Security Controls to the attack phases described in the Cyber Kill Chain. By ensuring that controls exist to detect each step of the kill chain, organizations provide themselves with the best opportunity to detect attacks.