
Turning the Tables with Deception-Based Security

Deception-based security is not as prevalent as other security tools, as noted by moderator Stacey Halota, but many organizations in industries like retail and healthcare are beginning to turn to it for new solutions and additional protection. If an organization chooses to enlist deception-based technology (for instance, creating fake data), it must have efficient incident response and be mindful to create fake data that is not too realistic. In the event of a breach, no one wants to incite panic and have to explain to customers that the data contained no real information and nothing was actually stolen.

However, deception-based technology is a wonderful tool to use in training, such as red team activities, to determine whether the fake data, applications, and devices are being broken into by legitimate threats. For enterprises whose tools generate tons of alerts, deception-based technology by contrast produces few alerts and few false positives, making it easy to layer onto existing systems without causing a massive uptick in alerts.

One participant discussed their homegrown deception-based technology and how they used it to study attackers, learning how they attacked, how deeply they probed into the network, what information they were searching for, etc. As a result, the participant’s company became better at responding to attacks through learning and observing.