Why playing hard to get pays off in cyber security

Deception is Essential to Your Cybersecurity Strategy say Frost & Sullivan

The battle lines of cybersecurity have changed. Cyber attackers are not only penetrating perimeter defences to gain access to enterprise networks but on average are not being detected for close to five months after they landed inside. During this extended period of time, attackers are active—compromising more machines, infiltrating critical systems, and extracting sensitive data. The question is, “What can you do about it?” To produce effective detection, deception technology alters the playing field in your favour as you combat cyber attackers.

New Frost & Sullivan whitepaper titled, Why Deception is Essential to Your Cybersecurity Strategy, argues the case for deception technology as a fresh approach and an essential element in modern cybersecurity strategies. This kind of technology offers an effective means to detect cyber adversaries and malicious insiders with speed, certainty, and in-depth forensics.

Cyber adversaries are besting enterprises’ abilities to thwart them despite years of increasing expenditures on preventive forms of cyber security. The inevitable conclusion is that new approaches are overdue in stopping cyber adversaries in their tracks.

“The need for deception technology exists because preventive and protective defenses are not enough, and once attackers have made it inside, current technologies to detect them and detect them early are inadequate,” stated Stratecast/Frost & Sullivan Vice President of Research Michael Suby. “A new approach to detecting attackers in an enterprise network must be part of a modern cybersecurity arsenal.”

It’s the little things

A small set of deceptions in limited sections of an enterprise network is also inadequate. The optimal approach is to blanket the entire network! Using deception technology, in particular, places realistic and tailored deceptions literally everywhere in the enterprise network. This method is highly advisable in detecting and identifying with precision the existence and location of cyber attackers as they begin their inside reconnaissance efforts and lateral movements.

“The art of deception as practised by illusive networks with its Deceptions Everywhere approach, blankets an enterprise’s entire network and endpoints with deceptions,” noted Suby.  “These deceptions – credentials, folders, endpoints, servers, and other tidbits of information – are the product of illusive networks’ Deception Management System.”

While attackers will continue to seek out and exploit a business’s cybersecurity vulnerabilities, deception technology causes attackers to expose their vulnerability. To make this work, deceptions that trigger and identify attackers’ presence with precision and speed need to be everywhere that attackers could be. This is the illusive approach to effective deception.

“As pioneers of deception-based cyber security, it’s great to gain such positive praise from a leading analyst such as Michael Suby,” said illusive networks’ CEO Ofer Israeli. “With ever increasing sophisticated attacks on organisations, he recognises that our agentless technology provides high fidelity detection and is an optimal, forward-thinking solution for CISOs and CIOs.”