Disrupting the Cyber Attack Lifecycle

Companies and organizations are more focused on cybersecurity than ever before. According to the Palo Alto Networks “Breaking the Cyber Attack Lifecycle” report, “criminals are executing sophisticated attacks on global organizations with alarming regularity to obtain confidential information, steal trade secrets or disrupt business operations. It’s clear that businesses must do more to protect against these advanced cyberthreats.”

The report also points out that while companies have made significant investments to secure their networks, organizations are still vulnerable to attacks, in part because companies can’t rely on traditional defenses against their adversaries’ innovative methods.

In a recent webinar, “Disrupting the Cyber Attack Lifecycle,” Rick Howard, chief security officer at Palo Alto Networks and John Davis, vice president and federal chief security officer at Palo Alto Networks offered insights into this topic and recommendations to help organizations fight back against today’s cyber threats.

For example, the Cyber Attack Lifecycle is a sequence of events that an attacker must go through to successfully infiltrate a network and exfiltrate data from it. The good news is that blocking just one stage in this lifecycle is all that is needed to protect a company’s network from attack.

As part of the webinar discussion, Howard points to the six stages in the Cyber Attack Lifecycle:

Weaponization & Delivery
Command-and-Control (C&C)
Actions on the Objective

“What the Security Platform from Palo Alto Networks does is to prevent bad guys at each of those stages – protecting every part of the organization’s network, addressing vulnerabilities and malware arriving at the endpoint, mobile device, network perimeter and within the data center,” explains Howard. “And the good news is that that blocking just one stage in this lifecycle is all that is needed to protect an organization’s network from attack. The bad guy has to be successful at every phase of the kill chain, and he has to stop what he’s doing, regroup and start over again in order to be successful. If we stop them any place in that kill chain, in that lifecycle, then we are preventing them from being successful in their mission.”

Davis suggested companies change their mindset from detect and respond to a more modern approach focused on breach prevention.

Davis also made clear the consequences of not getting ahead of one’s adversaries. “We believe that you can actually get ahead of a lot of that threat,” he continued. “If you don’t, the risk is that you’re going to be dealing with crime scenes rather than preventing these things from happening to begin with.”

Ryan Gillis, vice president of cybersecurity strategy and global policy for Palo Alto Networks, echoed the points made by Howard and Davis. “Our breach prevention-oriented approach allows you to disrupt that attacker throughout the different stages he would like to take.”

Gillis concluded by offering advice to the CIOs and CISOs charged with protecting critical networks. “It starts with your relationship with your senior executives,” he said. “We’ve increasingly seen – whether it’s in corporate boardrooms, C-suites within private industry, or in cabinet levels within the government and up to the White House – there’s recognition that you need senior level buy-in to ensure that the combination of people, process and technology being deployed by your CIO and your CISO are working to identify the greatest risk to your organization and then take steps in a logical way to drive down the risk.”



Jason FornicolaJason Fornicola, Director of Custom Media, Federal News Radio

Jason Fornicola joined WTOP and Federal News Radio in February of 2014 as the Director of Custom Media, where he manages the stations’ sponsored and custom content initiatives. Fornicola provides clients with access to high-quality content consistent with the stations’ standard of excellence and works to solve clients’ needs through a multi-platform approach which includes on-air, digital, video and social media. His journalism and social media experience support the stations’ efforts to ensure the client message is conveyed in a way that will achieve their marketing campaign objectives.


Rick HowardRick Howard, Chief Security Officer, Palo Alto Networks

Rick is the Chief Security Officer (CSO) for Palo Alto Networks where he oversees the company’s internal security program, leads the Palo Alto Networks Threat Intelligence Team (Unit 42), directs the company’s efforts on the Cyber Threat Alliance Information Sharing Group, and hosts the Cybersecurity Canon Project. His prior jobs include the CISO for TASC, the GM of iDefense, the SOC Director at Counterpane and the Commander of the U.S. Army’s Computer Emergency Response Team. Rick holds a Master of Computer Science degree from the Naval Postgraduate School and an engineering degree from the US Military Academy.


John DavisJohn Davis, Vice President, Federal Chief Security Officer, Palo Alto Networks

Retired U.S. Army Major General John Davis is the Vice President and Federal Chief Security Officer for Palo Alto Networks, where he is responsible for expanding cybersecurity initiatives and global policy for the international public sector and assisting governments around the world to successfully prevent cyber breaches.

Prior to joining Palo Alto Networks, John served as the Senior Military Advisor for Cyber to the Under Secretary of Defense for Policy and served as the Acting Deputy Assistant Secretary of Defense for Cyber Policy.  Prior to this assignment, he served in multiple leadership positions in special operations, cyber, and information operations. His military decorations include the Defense Superior Service Medal, Legion of Merit, and the Bronze Star Medal.

John earned a Master of Strategic Studies from the U.S. Army War College, Master of Military Art and Science from U.S. Army Command and General Staff College, and Bachelor of Science from U.S. Military Academy at West Point.


Ryan GillisRyan Gillis, Vice President of Cybersecurity Strategy and Global Policy, Palo Alto Networks

Ryan Gillis joined Palo Alto Networks in January 2015, and serves as Vice President of Cybersecurity Strategy and Global Policy.  Ryan is responsible for developing company corporate policy, serving as Palo Alto Networks’ primary point of contact for public policy and legislative matters, and ensuring appropriate company participation in government forums and industry initiatives.  He works closely with government agencies and companies around the world to assist in the development of strategies operational partnerships to prevent against cybersecurity threats.

Prior to joining Palo Alto Networks, Ryan was Director of Legislative Affairs and Cybersecurity Policy for the National Security Council at the White House.  In this role, he primarily worked on the development and implementation of national cybersecurity strategy, policy, legislation, and operational initiatives.  Ryan also fostered cybersecurity collaboration and dialogue between the federal government, industry, and privacy advocates.

From 2006 to 2012, Ryan held a number of positions in the Department of Homeland Security (DHS) managing portfolios that included cybersecurity and critical infrastructure protection.  Prior to his government service, Ryan spent several years at both technology startup and defense contracting companies.

Additionally, Ryan is a Stephen M. Kellen Term Member with the Council on Foreign Relations, and was recently named to the Center for Strategic and International Studies (CSIS) Cyber Policy Task Force.  He is also a member of the Board of Advisors for CyberTECH, a global cybersecurity and Internet of Things (IoT) network ecosystem.  Ryan is a recipient of the National Security Council “Outstanding Service Award,” and a graduate of Georgetown University.