Combating the Cyber-Security Kill Chain: Moving to a Proactive Security Model

Chapter in: Artificial Intelligence in Cyber Security: Impact and Implications

Abstract

A former boss of mine, Peter Drissell (https://www.linkedin.com/in/peter-drissell-b917896/; Commandant General RAF Regiment and Air Officer Royal Air Force Police), once delivered a presentation at a university lecture that I was attending, in which he made the following statement:

Many business leaders regard Security as being very expensive and virtually invisible. That is until it goes wrong, when it becomes very visible and considerably more expensive!

Ever since hearing this statement, I have sought to change this view. Having a proactive, asset- and risk-focused approach that is aligned with the business mission statement and objectives has a significant impact on changing business leaders’ perspectives. This chapter seeks to explain how you can start to reduce the opportunities for cyber-attackers through a more targeted and prioritized approach. Many organizations are feeling a sense of cyber-security fatigue, often sensing that the cyber-criminals have the upper hand and that this is a battle they are losing, and frequently believing that they are ‘Boiling the Ocean’. If a business fails to identify and categorize its assets, it will not be able to truly appreciate the value of its most important company assets and their importance to the business. Consequently, when it comes to carrying out risk assessments, it can often feel as though these are based upon a premonition or a hunch. Additionally, when it comes to applying appropriate mitigation controls, it can be extremely difficult to show proportionality and a return on investment.
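The abstract argues for categorizing assets first, assessing risk against them, and then justifying controls by proportionality and return on investment. The following is an added worked example written for this page; it is not code from the chapter or its author. Every asset, threat scenario, control and figure in it is constructed for illustration, and the arithmetic (annualised loss expectancy, ALE = asset value × exposure factor × annual rate of occurrence, and return on security investment, ROSI = (risk reduced − annual cost) / annual cost) is one common quantitative form, assumed here rather than taken from the chapter.

```python
"""Asset- and risk-focused prioritisation of security spend.

Added worked example for this page, not code from the chapter or its author.
All assets, scenarios, controls and figures are constructed for illustration;
the ALE / ROSI arithmetic is an assumed, common quantitative form.
"""
from dataclasses import dataclass


@dataclass
class Asset:
    name: str
    category: str   # constructed tiers: "crown jewel", "supporting", "commodity"
    value: float    # business value lost if the asset is fully compromised


@dataclass
class Scenario:
    asset: str              # Asset.name this threat applies to
    threat: str
    exposure_factor: float  # fraction of asset value lost per event (0..1)
    aro: float              # annual rate of occurrence (expected events/year)


@dataclass
class Control:
    name: str
    annual_cost: float
    aro_reduction: dict     # threat -> fraction by which the control cuts its ARO


def residual_ale(asset, scenario, controls=()):
    """ALE of one scenario after applying `controls`.

    Each applicable control scales the ARO by (1 - reduction), so two controls
    covering the same threat compound instead of double-counting the saving.
    """
    aro = scenario.aro
    for c in controls:
        aro *= 1.0 - c.aro_reduction.get(scenario.threat, 0.0)
    return asset.value * scenario.exposure_factor * aro


def risk_register(assets, scenarios, controls=()):
    """Residual ALE per asset (the initial risk when `controls` is empty)."""
    by_name = {a.name: a for a in assets}
    register = {a.name: 0.0 for a in assets}
    for s in scenarios:
        register[s.asset] += residual_ale(by_name[s.asset], s, controls)
    return register


def rosi(control, assets, scenarios, selected=()):
    """Marginal ROSI of adding `control` on top of the already `selected` ones."""
    before = sum(risk_register(assets, scenarios, selected).values())
    after = sum(risk_register(assets, scenarios, [*selected, control]).values())
    return (before - after - control.annual_cost) / control.annual_cost


def prioritise(assets, scenarios, candidates, budget):
    """Greedy plan: buy the affordable control with the best marginal ROSI,
    repeat, and stop when the budget is spent or nothing left pays for itself.
    Returns (controls chosen in order, unspent budget)."""
    selected, remaining, pool = [], budget, list(candidates)
    while pool:
        scored = [(rosi(c, assets, scenarios, selected), c)
                  for c in pool if c.annual_cost <= remaining]
        if not scored:
            break
        score, best = max(scored, key=lambda t: t[0])
        if score <= 0:
            break  # costs more than the risk it removes: not proportionate
        selected.append(best)
        remaining -= best.annual_cost
        pool.remove(best)
    return selected, remaining


# Constructed inventory: categorising and valuing assets first is what makes
# the risk figures, and therefore the control decisions, defensible.
ASSETS = [
    Asset("cardholder-db", "crown jewel", 2_000_000),
    Asset("hr-file-share", "supporting", 300_000),
    Asset("marketing-site", "commodity", 50_000),
]
SCENARIOS = [
    Scenario("cardholder-db", "credential theft", 0.4, 0.5),
    Scenario("cardholder-db", "ransomware", 0.6, 0.2),
    Scenario("hr-file-share", "ransomware", 0.5, 0.2),
    Scenario("marketing-site", "defacement", 0.2, 1.0),
]
CONTROLS = [
    Control("MFA on privileged access", 40_000, {"credential theft": 0.8}),
    Control("Immutable offline backups", 25_000, {"ransomware": 0.7}),
    Control("WAF for public web", 15_000, {"defacement": 0.9}),
    Control("Full-disk encryption on all endpoints", 60_000, {"credential theft": 0.1}),
]

if __name__ == "__main__":
    print("initial risk:", risk_register(ASSETS, SCENARIOS))
    chosen, left = prioritise(ASSETS, SCENARIOS, CONTROLS, budget=70_000)
    print("plan:", [c.name for c in chosen], "unspent:", left)
    print("residual risk:", risk_register(ASSETS, SCENARIOS, chosen))
```

With these constructed figures the initial register is 640,000 on the crown-jewel database, 30,000 on the file share and 10,000 on the public site. Under a 70,000 budget the plan buys MFA (ROSI 7.0) and then immutable backups (ROSI about 6.6), declines the WAF and endpoint encryption because each costs more per year than the loss it would prevent, and leaves a residual risk of 171,000 that can be presented to leadership as the accepted risk alongside the spend that reduced it.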




Corresponding author

Correspondence to Jim Seaman.


Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter


Cite this chapter

Seaman, J. (2021). Combating the Cyber-Security Kill Chain: Moving to a Proactive Security Model. In: Montasari, R., Jahankhani, H. (eds) Artificial Intelligence in Cyber Security: Impact and Implications. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-88040-8_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-88040-8_5


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-88039-2

  • Online ISBN: 978-3-030-88040-8

  • eBook Packages: Computer Science (R0)
