There is widespread industry discussion and debate about the current Active Cyber Defense Certainty Act (ACDC), introduced to Congress in March of 2017, that would allow companies the right to hack back after a “persistent unauthorized intrusion.” This bill has become increasingly relevant in the cybersecurity community as a result of frustration with the sheer …
Active Cyber Defense Certainty
Is it next-generation threat detection? Is it counter-hacking? One thing we know is that it’s designed to lure hackers to a replica enterprise environment so that threats can be eliminated. It’s deception.
“Why does this company exist? It really boils down to that a perimeter-based defense is just not reliable anymore,” Carolyn Crandall, chief deception officer and CMO at Attivo Networks told Security Now. “People can and will get into the network, and over the last couple of years, people are accepting that.”
Crandall is adding her voice to a growing number of experts that agree the better strategy is to accept that penetration is inevitable and therefore the focus should be on protecting the data in the network, not erecting a fence.