Having recently hosted a Security tech session in Columbus, OH, our business development team and their clients were exposed to a handful of top concerns and a myriad of tips coming into 2019.
The biggest discussion was around the "if" and "when" conversation. Nowadays, it's not if you will be hacked, it's when.
So when a hacker does enter your environment, lead them into what they believe is accurate and real information and then set the trap. Attackers are reliant upon getting responses from points within an infrastructure in order to move things forward. With a fake environment they believe to be moving and making progress, however, in the end you've captured their credentials and led them into what was previously known as a sticky, honeypot.
It's a term that was used previously in our industry (honeypot) but with the advancements in technology, the sophistication and further clarity of the tactic, they are being called "Deception Based Threat Detection".
These tactics are also been used in military combat and strategy. Deception is a powerful tool and that's why Gartner has named it an item to watch!
How can you take advantage of this tactic?
As read in Gartner's "Emerging Technology Analysis: Deception Techniques and Technologies Create Security Technology Business Opportunities" by analyst Lawrence Pingree These recommendations can be offered in support of leveraging this technology.
Examine how threat deception techniques can be leveraged to enhance your existing threat defense capabilities against advanced adversaries.
Consider whether integrating with existing threat deception providers can bring additional value to your current offerings.
Evaluate existing deception capabilities across the security market, and articulate them correctly to your product marketing managers to demonstrate the value of deceiving the attacker."
The Attivo platform provides a comprehensive deception platform that in real-time detects inside-the-network intrusions in networks, public and private data centers, and specialized environments such as Industrial Control System (ICS) SCADA, Internet of Things (IoT), and Point of Sale (POS) environments. iQSG has become one of Attivo Network's MSSPs, the only current provider with this specialty in the region currently.
Details on research and usage statistics can be found more fully in the article below. "Emerging Technology Analysis: Deception Techniques and Technologies Create Security Technology Business Opportunities".
Excerpts included from Gartner's "Emerging Technology Analysis: Deception Techniques and Technologies Create Security Technology Business Opportunities" FOUNDATIONAL Refreshed: 30 September 2016 | Published: 16 July 2015 ID: G00278434 Analyst(s): Lawrence Pingree