The days of Jesse James’s train and bank robberies and John Dillinger kicking down doors with his trademark Tommy gun may be long gone, but bank heists are alive and well in the 21st century — albeit with a new flair. Instead of dramatic physical robberies, today’s criminals have shifted the battleground to cybersecurity, infiltrating the networks of financial institutions globally to steal money and personal information. The attacks remain staggering. Back in 2012, individuals and businesses are believed to have lost approximately $78 million during Operation High Roller. Fast forward to today, and the hacking group known as Bandidos Revolution Team is reported to have stolen hundreds of millions of pesos by infiltrating interbank payment systems and hacking into ATMs. Notably, this group is not believed to be connected to another, separate 300-million-peso heist from five banks last year.
They have trouble modifying their strategy to report within 72 hours. Previous directives from the EU made no specific mention of data breaches, and GDPR now sets a clear directive as to what constitutes a data breach, how the incident is to be reported and the substantial penalties for not complying,” she said. “This has required businesses to reassess their technology and processes to understand their ability to detect, audit and report breaches in compliance with GDPR. Closing these gaps, in many cases, requires the adoption of new technology to ensure that the attack is not only detected, but understood in a way that can explain the magnitude of the breach and the corrective actions to contain it.
Written by: Mike Parkin – Product Marketing Engineer – I recently caught a webinar presented by ObserveIT that addressed the challenges presented by “insider threats.” They did a good job of defining the term, the threats, and they laid out some broad-stroke suggestions on how to address the problem. Something they didn’t talk about, was how deception technology is a powerful tool for dealing with this difficult problem.
You have helmed several leadership roles in several companies. Tell us a bit about your journey from the marketing space to starting Marticulate and then becoming a Chief Deception Officer at Attivo. What was the transition like? From core marketing to core technology? I didn’t originally start out thinking I was going to become a sales or marketing professional. If you have ever played Monopoly, think of the stigma they put on that profession, and as such it really wasn’t top of mind. That said, while I was going to Santa Clara University, studying both electrical engineering and computer science, I took a job as an assistant to the VP of Marketing.
In the latest episode of the Zero Hour Podcast, Tony Cole joined Karl Sharman to discuss Threat Detection, Deception and intelligence. Tony is a veteran within cybersecurity having served in senior positions at Symantec, McAfee and FireEye over a 30 year career. Tony is now the CTO for Attivo Networks, the award-winning leader in deception for cybersecurity threat detection as well as serving as a member of the NASA Advisory Council.
Authored by: Carolyn Crandall, Attivo Networks CMO and Chief Deception Officer – I know Sun Tzu quotes are overdone, but this was so fitting, it just made sense to use it. One of Sun Tzu’s most famous pieces of advice was “know thy enemy.” Those three simple words remain as relevant today as they were 2,500 years ago. And while the enemies we face now are different from those faced by the famous philosopher-general, the lesson remains the same: knowledge is power.
This year’s RSA Conference is a key venue for companies to showcase their new cybersecurity products. Here are some of the more interesting tools to check out. The Informer is a deception-based, real time forensic collection offering that extends Attivo’s ThreatDefend Detection and Response platform. The new tool provides a view of the attacker’s activity to accelerate intelligence-driven response and remediation, enhancing the ability to rapidly gather, understand and disseminate adversary intelligence. RSAC Location: South Expo 455
Carolyn Crandall has served as the Chief Deception Officer and CMO of Attivo Networks® since 2015 and has over 30 years of experience building emerging technology markets in the security, networking, and storage industries. She has a demonstrated track record of successfully taking companies from preIPO through to multi-billion-dollar sales and has held leadership positions at Cisco, Juniper Networks, Nimble Storage, Riverbed, and Seagate(i365).
This article is fifth in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of how deception fits into information risk management strategies and how organizations can answer C-level ROI questions for justifying deception.
Dealing with cyberattacks on a daily basis has become the reality for businesses today. However, few organisations take a proactive response. Instead, they are left to deal with the fallout after an attack happens and the financial and reputational damage to their business has already occurred. TechRadar Pro spoke with Attivo Networks’ Chief Deception Officer Carolyn Crandall who suggests that businesses adopt the long established military technique of ‘deception’ to help them gain an edge over cybercriminals.