5 ways deception tech is disrupting cybersecurity

Enterprises and their Security Operations Centers (SOCs) are under siege. Security events are being triggered from all corners of the security stack – from the firewall, endpoints, and servers, from intrusion detection systems and other security solutions.

What’s more, security teams do not have enough people or hours in a day to analyze the alerts that are coming in, and most ‘security events’ don’t even imply an attack in progress. They are often simply sharing information (failed connections, for example) or are what we call ‘false positives’ (when a solution thinks it has found a specific vulnerability, but in fact it hasn’t).

This is important because today, attackers use stealthy tactics that leverage these security challenges – after infecting an asset inside an organization, they keep a low profile, moving laterally in the hunt for valuable, sensitive data. The longer they stay in the network, the harder it becomes to detect their trail. The average ‘dwell time’ – how long an attacker or malicious insider is inside an organization’s network – is measured in months, with some estimates in the 200+ day range.

That’s why it’s critical for organizations – both large and small – to focus their cybersecurity strategy on earlier detection and faster response. One of the technology trends that promises to do this is deception.

What is deception technology?

Sun Tzu said it best in his book on The Art of War: “All warfare is based on deception.”

‘Deception’ is a classic tactic used in warfare, both for protection and as a mechanism to attack enemies. One of the best-known deception operations of World War II was Operation Mincemeat, in which the British deceived the Germans ahead of the invasion of Sicily. It was a classic case of planting strategic misinformation to deceive the enemy and divert their attention from where the attack actually took place.

The idea behind a cyber deception strategy is similar. Organizations often know to varying degrees what the attackers are looking for, what they expect to find, and how they might attack and use the information they find – so why not use this against them?

The ultimate goal of deception is to lure attackers to ‘decoy’ assets that look and feel real but aren’t. This can be done through different methods including traps in the network, on the…

Peter Bordes

Exec Chairman & Founder at oneQube