Cybersecurity Reference > Glossary
Tactics
Tactics are the specific technical methods and procedures used by threat actors to achieve their objectives during a cyberattack.
In cybersecurity frameworks like MITRE ATT&CK, tactics represent the "why" behind an adversary's actions—the tactical goals they are trying to accomplish at each stage of their attack campaign.
Common tactics include initial access (gaining entry to a target system), persistence (maintaining access over time), privilege escalation (obtaining higher-level permissions), defense evasion (avoiding detection), credential access (stealing authentication information), discovery (gathering information about the target environment), lateral movement (spreading through a network), collection (gathering target data), and exfiltration (stealing data from the organization).
Each tactic can be accomplished through multiple techniques and procedures, giving attackers flexibility in how they pursue their goals. Understanding tactics helps security teams anticipate adversary behavior patterns and develop comprehensive defense strategies that address not just specific attack methods, but the underlying strategic objectives that drive malicious activity across the entire attack lifecycle.
Need Help with Advanced Threat Tactics?
Plurilock's threat intelligence services help organizations understand and counter sophisticated attack methods.
Get Threat Intelligence Now → Learn more →Downloadable References
Sample Governance Policy for AI Use
Establishing Guardrails for AI Whitepaper
