ColaSec

Columbia's Information Security Group

A free and informal gathering of information security professionals and enthusiasts in Columbia, South Carolina at the Richland County Public Library on the 3rd Tuesday of every month at 6:00 PM (click on the YouTube bubble).

Founded 2014 (COVID can’t stop us)

Image credit: Zach Pippin
zachpippin.com

Upcoming Presentation: Breathing New Life into the Cybersecurity Kill Chain: Transforming Theory into Action

When: Tuesday, September 19th at 6:30pm

Where: USC Technology Incubator and streaming online

Who: David Burkett

About: Signalblur CTI, an esteemed consulting firm founded by the visionary David Burkett, collaboratively supports organizations in enhancing their security operations practices. Their tailored services range from cultivating robust threat hunting programs and honing detection engineering capabilities to streamlining security through automation.

Synopsis: The Cyber Kill Chain, a critical framework in the realm of cyber threat intelligence, is often perceived as an academic concept rather than a practical tool. In this engaging presentation, we will dismantle this misconception by revealing the true potential of the Kill Chain and demonstrating how it can be effectively employed by SOC Managers, Detection Engineers, and Security Analysts alike.

We will begin by exploring the foundational aspects of the Cyber Kill Chain, addressing its inherent weaknesses, such as the naming of its phases. We will then debunk the myth that the Kill Chain is a linear sequence of seven phases, emphasizing its tactical circular nature. As we delve into each phase, we will outline how defenders can adopt a proactive mindset to overcome common misconceptions.

Following this, we will showcase the versatility of the Kill Chain by illustrating its applications across various security roles, drawing on firsthand experiences. We will first demonstrate how Security Analysts can utilize the Kill Chain to streamline their investigations and optimize their decision-making. Next, we will explore the benefits of incorporating the Kill Chain into the workflow of Detection Engineers, highlighting its practical advantages.

Finally, we will discuss the strategic value of the Cyber Kill Chain for SOC Managers, emphasizing its capacity to generate data-driven metrics that can bolster budget requests and facilitate informed decision-making. By the end of this dynamic presentation, attendees will be equipped with the knowledge and tools to transform the Cyber Kill Chain from an abstract concept into an actionable, invaluable resource.