The classic kill chain model was designed to help organizations combat external threats by bad actors. The goal for security analysts and investigators is to disrupt the chain early, before sensitive data slips out the door. Some organizations try to squeeze other types of threats, such as those posed by insiders, into the classic model, which doesn’t work because the behavior of insider threats is not the same as those of outsiders. A second type of cyber-risk model that can be extremely effective against threats, is a proactive model.”]