By Tony Cole, CTO, Attivo Networks Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale? The SolarWinds breach is not the first major supply chain breach, but previous similar breaches failed to prompt effective regulatory action. Both governments and businesses remain focused on things like cyber …
The growing ability of attackers to breach even well-defended enterprise networks has led to increased interest in deception technologies and tactics in recent years. … Deception tools basically use misdirection, false responses, and other tricks to lure attackers away from legitimate targets and point them to honeypots and other decoy systems designed to trap or …
Cybersecurity is a fast-moving field and education has a hard time keeping up. Traditional colleges and universities are often behind the curve when it comes to cybersecurity, so how are future security engineers and CISOs learning the ropes? How will companies find them? And, when they do, how can they determine who truly has the skills they’re looking for? The demand for security talent only continues to rise. In its 2018 Cybersecurity Workforce Study, (ISC)² found the global shortage of security experts has hit 2.93 million. More than 63% of respondents report a lack of security staff; 60% say it puts them at moderate to extreme risk.
As the topic of hacking back continues to resurface among elected officials, those of us in the cybersecurity community are scratching our heads over why this concept refuses to die. After digging deeper, one can see that there are many misperceptions regarding what the terms “hacking back” and “active cyber defense” (ACD) actually mean. General frustration and misinformation are driving the interest, but the mixing of definitions is fueling confusion.
While cyberattacks continue to grow, deception-based technology is providing accurate and scalable detection and response to in-network threats.
Distributed deception platforms have grown well beyond basic DecoyDoc trapping techniques and are designed for high-interaction deceptions, early detection, and analysis of attackers’ lateral movement. Additionally, deception platforms change the asymmetry of an attack by giving security teams the upper hand when a threat enters their network and forcing the attackers to be right 100% of the time or have their presence revealed, and by providing decoys that obfuscate the attack surface and through valuable threat intelligence and counterintelligence that is required to outmaneuver the advanced human attacker.
Deception — isn’t that a DecoyDoc? That’s a frequently asked question when the topic of deception technology arises. This two-part post will trace the origins of DecoyDocs, the rationale behind them, and what factors ultimately hampered their wide-scale adoption. The second post will focus on what makes up modern-day deception technology, how the application of deception technology has evolved, and which features and functions are driving its adoption and global deployment.