=================================================================================================
By Sean Michael Kerner | Posted August 06, 2014
http://www.esecurityplanet.com/imagesvr_ce/4943/man-on-computer-250x165.jpgLAS VEGAS: The modern IT security landscape is often thought of as an adversarial battlefield, which is why it makes sense to ascribe military terms to IT security conflict.
"The Library of Sparta is a euphemism for the corpus of military doctrine, " said Tom Cross, director of security research at Lancope, who is presenting a session at the Black Hat USA conference that covers the use of military processes and strategies in a cybersecurity landscape. As Cross told eSecurityPlanet in an interview, "People have begun to apply concepts to the world of military doctrine to cybersecurity."
One of the most often cited military concepts in cybersecurity is the term "kill chain." In the U.S Air Force, a kill chain is the set of steps required in order to shoot a missile. There are multiple steps in the Air Force's kill chain. First there is a determination of what is being targeted, followed by a determination that the weapon is properly aimed at the target and confirmation that the target is correct. After the missile is fired, there is confirmation that the target was actually hit.
"When we apply the term kill chain to cybersecurity, we're thinking about the stages that an attacker has to go through as they break into a network," Cross said. "It's helpful to lay out all the steps, as it lets us as defenders think more carefully about our control sets."
eSecurityPlanet/ Full Article Here/ http://www.esecurityplanet.com/network-security/using-military-strategy-to-fight-cyber-battles.html
