Cyber Kill Chain

The Cyber Kill Chain is a framework developed by Lockheed Martin that describes the stages of a cyber attack from initial reconnaissance through achieving the attacker's objective. The seven stages are: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, and Actions on Objectives.

The kill chain concept helps defenders understand that attacks are multi-stage processes, and disrupting any stage prevents the attack from succeeding. Your security controls should provide detection and prevention at multiple stages, creating multiple opportunities to stop an attack before the attacker achieves their goal.

Why It Matters

The kill chain framework helps you evaluate whether your security controls provide coverage at each attack stage. CMMC requirements span the entire kill chain — from perimeter defenses to monitoring to incident response — creating layered opportunities to detect and stop attacks.