In the latest episode of the Zero Hour Podcast, Tony Cole joined Karl Sharman to discuss Threat Detection, Deception and intelligence. Tony is a veteran within cybersecurity having served in senior positions at Symantec, McAfee and FireEye over a 30 year career. Tony is now the CTO for Attivo Networks, the award-winning leader in deception for cybersecurity threat detection as well as serving as a member of the NASA Advisory Council.
Carolyn Crandall has served as the Chief Deception Officer and CMO of Attivo Networks® since 2015 and has over 30 years of experience building emerging technology markets in the security, networking, and storage industries. She has a demonstrated track record of successfully taking companies from preIPO through to multi-billion-dollar sales and has held leadership positions at Cisco, Juniper Networks, Nimble Storage, Riverbed, and Seagate(i365).
Enhancement to ThreatDefend™ Platform Delivers Adversary Intelligence, Dramatically Reducing a Defender’s Response and Remediation Time FREMONT, Calif. – February 12, 2019 – Attivo Networks today introduced the Informer solution, a deception-based forensic collection offering that delivers real-time forensics with enhanced visibility. As the latest expansion to the ThreatDefend™ Detection and Response platform, the Informer adds in-depth, and often hard-to-assemble views of the attacker’s activity to accelerate intelligence-driven response and remediation.
Dealing with cyberattacks on a daily basis has become the reality for businesses today. However, few organisations take a proactive response. Instead, they are left to deal with the fallout after an attack happens and the financial and reputational damage to their business has already occurred. TechRadar Pro spoke with Attivo Networks’ Chief Deception Officer Carolyn Crandall who suggests that businesses adopt the long established military technique of ‘deception’ to help them gain an edge over cybercriminals.
Data stolen in breaches years ago is still surfacing in financial crimes today, proving that getting over past breaches is hard to do. Simply doing more of the same won’t fix our current challenges.Just within the past six months, the secretary of the Department of Homeland Security (DHS) has been replaced, the White House has eliminated the position of cybersecurity coordinator on the National Security Council, the top three cybersecurity officials at the FBI have departed, several large-scale public sector breaches have occurred – including the City of Atlanta – and the primary elections were off to a rocky start as states and counties grappled with insecure systems and voter distrust.
Counterintelligence (CI) is the information gathered and actions taken to identify and protect against an adversary’s knowledge collection activities or attempts to cause harm through sabotage or other actions. The goal of CI is to ensure information cannot be modified or destroyed by a malicious actor and that only authorized people can access an organization’s information. CI is often associated with intelligence agencies, government organizations or the military but businesses also benefit from including CI in their approach to security. In cybersecurity, counterintelligence is used to support the information security triad of Confidentiality, Availability, and Integrity (CIA). Many organizations practice aspects of CI, but refer to it by different names, including data loss prevention (DLP), malware reverse engineering and network forensics.