Posted by Ori Bach, VP of Products
Deception technology is steadily making its way to the mainstream of the security stack as a method to confuse, divert, and identify attackers before they can steal data or disrupt normal operations.
With cybersecurity spend steadily on the rise and companies scrambling to hire the best and brightest security professionals, there is no lack of investment in this space. So why are hacks and high-profile data breaches still a daily occurrence? What is the advantage hackers have that gives them the upper hand?
As I look at the great innovation and thought leadership coming out of the RSA 2016 conference, the answer is that until recently only hackers were able to fully make use of deception tactics.
Is deception really such a game changer? Some of my esteemed colleagues, in making this point, often turn to the wise words of Sun-Tzu that “all war is based on deception”. For my part I would like to use a more contemporary analogy – “Star Wars”. How does “Star Wars” relate to deception technology, you ask? Bear with me and I’ll explain.
Those of you who are familiar with the movie’s plot may recall that in the second trilogy two unequally matched opponents battle for supremacy of the galaxy. The Jedi order, the official peacekeeping force of the republic, with far superior numbers and resources at its disposal, faces the Sith, a clandestine order consisting of only 2 persons.
In the end it is the supposedly weak side, the Sith, that emerges victorious. Why? The Jedi’s force is projected outwards for the world to see. The Sith operate in the dark, utilizing deception to mask their intent and identifying their opponents’ weaknesses, which they later exploit to take the upper hand in the confrontation.
In a similar manner, security controls use relatively known processes and technologies. The way firewalls, malware detection tools and anti-intrusion systems work is transparent to attackers. Hackers, for their part, employ subterfuge, constantly finding ways to mask their true identity and intentions, hide their activities and identify weak spots throughout the network.
This is why industry thought leaders such as Gartner’s Lawrence Pingree are calling on cybersecurity professionals to harness the power of deception to confuse, divert, and identify attackers.
Those of you who are visiting the show could not have failed to notice that multiple vendors have now started to claim capabilities in this space. Such capabilities range from attempts to put a new spin on the previous generations of honeypots, while still relying on the resource-consuming approach of using a full OS as a decoy, to more modern approaches that use emulated decoys, enabling deployment of a dynamic array of traps throughout the enterprise at scale with minimum consumption of resources and effort by the enterprise.
Deception technology has recently become even more powerful with the introduction of DeceptionTokens by TrapX, which significantly expands the depth and breadth of its DeceptionGrid platform capabilities by integrating an array of lures within existing IT endpoints and servers.
With more market validation points coming out every day attesting to the power of deception, such as TrapX’s discoveries of the zero-day exploits Zombie Zero and MEDJACK using deception technology and our recently published customer case study on the successful deployment of DeceptionGrid at a global 1000 consumer products company, deception technology is slowly finding a place of honor in the security stack.