Deception Technologies Have a Maturity Problem

  /     /     /  
Publicated : 23/11/2024   Category : security


Deception Technologies Have a Maturity Problem




INFOSEC23 — London — Deception technologies can offer a better method to detect attackers in your network, but questions remain on how much security leaders know about their maturity and capabilities.
In a discussion at
Infosecurity Europe
, panelist Debi Ashenden, a professor in cybersecurity from Adelaide University, described deception technologies as relatively immature. She said deception had come out of the idea of honeypots and while organizations may be on the cusp of seeing deception technologies mature, the technology lacks good use cases or reference customers willing to discuss their experience with deception.
Gonzalo Cuatrecasas, CISO of Nordic industrial manufacturer Axel Johnson International, said when technology is embraced, its got to be mature enough to do [the job it is intended for], otherwise it is halfway tech that gets [stuck] in the middle.
Lewis Woodcock, senior director of cyber operations for shipping concern A.P. Møller – Mærsk, said the challenge is for customers to fully understand what their underlying goals are. I worry deception technology is the latest cool trend, but organizations need to stop and think [about] what they are trying to achieve.
While Ashenden said deception technology can also be very resource-intensive and that many CISOs dont understand why they need it, Woodcock wondered what an action plan for dealing with an attacker would look like, once deception technology got activated. Thats not an endgame that many organizations are prepared to address or manage.
Ashenden also said there are questions on where in the network or SOC to deploy deception technology and that more work is needed to determine how this emerging technology fits into the cybersecurity portfolio. Cuatrecasas added that deception users should be prepared to make decisions, as what you find may be something that we do not know about.
As for implementation tips, Woodcock said familiarity and experience with threat intel could simplify deception rollout and management. He also recommended having an environment that looks real to an attacker — as if the network is very locked down and one server is open — as it is a giveaway to the attacker about what is going on. Know your objectives, how an adversary will perceive it, and how you will respond, he said.
Ashenden recommended discussing with senior management what the technology will achieve and what it offers the wider organization, not to mention a strong business rationale for buying and using.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Deception Technologies Have a Maturity Problem