Carolyn Crandall, CMO at Attivo Networks, explains what tasks are being fobbed off onto the machines: “Marketers need tools that automate operations, simplify admin tasks, track analytics, conduct account-based marketing, and ultimately, boost sales.”
An active defense is the use of offensive actions to outmaneuver an adversary and make an attack more difficult and to carry out. Slowing down or derailing the attacker so they cannot advance or complete their attack increases the probability that the attacker will make a mistake and expose their presence or reveal their attack vector.
Counterintelligence (CI) is the information gathered and actions taken to identify and protect against an adversary’s knowledge collection activities or attempts to cause harm through sabotage or other actions. The goal of CI is to ensure information cannot be modified or destroyed by a malicious actor and that only authorized people can access an organization’s information. CI is often associated with intelligence agencies, government organizations or the military but businesses also benefit from including CI in their approach to security. In cybersecurity, counterintelligence is used to support the information security triad of Confidentiality, Availability, and Integrity (CIA). Many organizations practice aspects of CI, but refer to it by different names, including data loss prevention (DLP), malware reverse engineering and network forensics.
Security professionals have long dismissed security by obscurity or attempts to hide information from hackers. In such schemes, hackers will sniff through the decoys and find the real assets. A new class of security technology – distributed deception – may change that thinking. Distributed deception creates authentic-looking IT environments, complete with data and applications, to trick hackers. Through this approach, security teams can detect and stop attacks faster than through conventional means. Carolyn Crandall, chief deception officer and chief marketing officer at Attivo Networks, joins Pod2112 to talk about how distributed detection can make enterprise security more effective.
As medical devices incorporate connectivity, they provide greater opportunities for convenience, service, and information for consumers and companies, but also are increasingly vulnerable to cyber threats. In this environment, Attivo Networks and Becton, Dickinson and Co. (BD) have validated a deception solution for medical technology cybersecurity threats through a partnership bringing Attivo’s Botsink solution to a select number of BD devices. The two firms collaborated through BD’s Product Security Partnership Program and created “mirror-match decoy authenticity” software for some of BD’s devices, a method designed to redirect an attack from reaching important information or networks.
Is it next-generation threat detection? Is it counter-hacking? One thing we know is that it’s designed to lure hackers to a replica enterprise environment so that threats can be eliminated. It’s deception.
“Why does this company exist? It really boils down to that a perimeter-based defense is just not reliable anymore,” Carolyn Crandall, chief deception officer and CMO at Attivo Networks told Security Now. “People can and will get into the network, and over the last couple of years, people are accepting that.”
Crandall is adding her voice to a growing number of experts that agree the better strategy is to accept that penetration is inevitable and therefore the focus should be on protecting the data in the network, not erecting a fence.