An attack chain refers to the progression or path threat actors take to achieve their goals, which normally
financially motivated or extortion-driven cyber-attack.
There are several freely available, step-by-step attack chain templates outlining the stages of a potential attack
you to consult, including FireEye, Lockheed
Martin, and MITRE ATT&CK.
A threat actor or adversary can follow a complex chain of techniques and tactics to compromise, invade, extract and
manipulate your IT system’s operations and data. The best defence is the most traditional of responses – building
‘Defence in depth’ refers to the commonly adopted organizational strategy of layering each level of IT operations
defences, including measures like phishing controls and file restrictions, that protect against a potential threat
actor’s initial access.
“A cyber-attack isn’t just a single point, it’s a continuous line where different things need to happen, from
on a phishing email to the end of the attack where the threat actor achieves a goal,” says Karen Lamb, Head of
Intelligence Engineering, HSBC. “What we repeatedly see is that when threat actors encounter a network environment
is built with ‘Defence in Depth’ strategies, they think it’s just too much for them, and they move on to the next