If we assume for a minute that you aren't perfect, that somehow, an adversary has gotten onto one of your users endpoints. What happens next? The concept of a "Cyber Kill Chain" (originally from Lockheed Martin) is that after exploitation the attacker needs to conduct privilege escalation and lateral movement, before grabbing the data (or conducting "action on target" for those people with a military background) and getting it out.
Cyberweekly #181 - Cyber Command and Control
Cyberweekly #181 - Cyber Command and Control
Cyberweekly #181 - Cyber Command and Control
If we assume for a minute that you aren't perfect, that somehow, an adversary has gotten onto one of your users endpoints. What happens next? The concept of a "Cyber Kill Chain" (originally from Lockheed Martin) is that after exploitation the attacker needs to conduct privilege escalation and lateral movement, before grabbing the data (or conducting "action on target" for those people with a military background) and getting it out.