Carbon Black: rethink cybersecurity defence

Carbon Black, a cloud-native endpoint protection provider, has released a white paper that proposes an updated cybersecurity kill chain model to help defenders stay ahead of evolving cyberattacks.

The paper, Cognitions of a Cybercriminal: Introducing the Cognitive Attack Loop and the 3 Phases of Cybercriminal Behavior, delves into the ways cybercriminals have evolved and offers guidelines for chief information security officers (CISOs) and security professionals to help manage risk.

“We believe cybersecurity professionals should be looking at existing kill chain models with a new lens,” said Tom Kellermann, Carbon Black’s Chief Cybersecurity Officer and the paper’s primary author. 

“It’s no longer helpful to approach cybersecurity linearly. Cognitions and context are critical and help reveal attackers’ intent. Understanding the root cause of attacks and the way attackers think is paramount to good cybersecurity. With the Cognitive Attack Loop, we’re offering defenders an updated model at how attackers think and behave.”

The Cognitive Attack Loop was born from insight provided by Carbon Black’s cloud-native endpoint protection platform (EPP), which collects terabytes of data per day from around the globe, as well as insights from the Carbon Black Threat Analysis Unit (TAU). The paper outlines the three phases proposed in the Loop: recon (reconnaissance) & infiltrate; maintain & manipulate; and execute & exfiltrate.

“The more insight defenders have into cybercriminal behaviour, the more effective technology can be in recognising and stopping suspicious activity,” Kellermann said.

“The patterns we see in attack data transcend any individual attack and allow us to provide protection against a broad set of threats without relying on specific prediscovered indicators of compromise (IOCs).

"With the Cognitive Attack Loop, we’ve taken the various insights from our cloud-native EPP and our threat research efforts to arrive at a modern cycle that helps uncover cybercriminal behaviour and gives defenders a true sense of how modern attackers are operating.”
