This post is authored by Jonathan Trull, Worldwide Executive Cybersecurity Advisor, Enterprise Cybersecurity Group. The cyber kill chain describes the typical workflow, including techniques, tactics, and procedures or TTPs, used by attackers to infiltrate an organization’s networks and systems.
Over the past decade, billions around the world have benefited from the exponential growth of the online environment and associated economic opportunities. However, this pervasive use of computing has also given rise to the more nefarious elements of the criminal underworld.
Sun Tzu wrote that mastery in the art of war is about subduing one’s enemy without having to fight. As the modern world contends with increasingly sophisticated cyberattacks from both criminal and political adversaries, this 2500-year-old cliché is key to enterprise security strategy.
After three years of intense negotiations, the EU finally reached agreement on the Network and Information Security (NIS) Directive this past December. Politically, all that remains to be done is for the text to be formally approved by the European Parliament and the Council of the EU in the coming months.
This week, I testified before the U.S. Senate Committee on Homeland Security and Governmental Affairs at a hearing on “Protecting America from Cyber Attacks: the Importance of Information Sharing.
