When most people think of cybersecurity it is a mysterious black box that constantly changes, but in reality there are common frameworks that attackers and defenders follow. The cyber kill chain is a process that is executed in every successful cyber attack. The details of the attack changes, but the process is consistent. Defenders/companies follow the NIST Cybersecurity framework, which essentially puts everything an organization does into 6 buckets with the goal to disrupt attacks, somewhere on there path of the cyber kill chain.
- For more detail on the Cyber Kill Chain here.
- For more detail on the NIST Cybersecurity frameworkhere. Note that the govern stage is not in mentioned in the documentation, but that is only because it was recently added to the formal framework and has not made it into the abbreviiated messages yet. You can research NIST framework 2.0 to learn more about the govern stage.
- Attack Action Cards + HACKED Card = All stages of the Cyber Kill Chain is represented
- Defend Action Cards = All stages of the NIST Cybersecurity framework is represented
