Modern defensive frameworks such as the Cyber Kill Chain, ATT&CK, and D3FEND focus on cataloguing and countering the tactics, techniques, and procedures (TTP) of cyber attackers. While invaluable for incident response, these models remain tactically reactive. In persistent competition, however, Advanced Persistent Threat (APT) attackers and defenders operate in continuous contact within the same contested environment, which renders reactive defensive approaches incomplete. This commentary argues that enduring cyber defense against persistent attackers emerges not from proper reaction but from controlling the environment that the attacker depends on. Building upon Fischerkeller, Goldman and Harknett's Cyber Persistence Theory (CPT), Monte's Network Attacks and Exploitation, and Smeets's PETIO framework, and informed by the author’s operational experience, it proposes the Offense Death Cycle (ODC) – a field-informed operational concept for defensive persistence. The ODC translates strategic persistence into a practical loop of intelligence, induced friction, and anticipation, enabling defenders to transform home-field advantage into a source of initiative and to exhaust APTs through executing proactive environmental control.
READ THE FULL ARTICLE HERE
doi.org/10.55682/cdr/cybr-odc1
The Cyber Defense Review
Volume 11, Issue 1