Deception technology is evolving as a powerful asset in the cybersecurity arsenal, providing significant advantages in being able to monitor an attacker’s behavior, says Joseph Krull, senior analyst at Aite Group, a research and advisory firm.
“When an attacker gets into the network and they go after one of these deceptive assets – when they take a document that is put there specifically for stealing – you know immediately that you have got someone in the network that shouldn’t be there and you can start to sandbox them,” he says in an interview with Information Security Media Group. “And, interestingly, you can watch their whole attack scenario without having to shut it down like you would with a traditional defensive technology.”
In this interview (see audio link below photo), Krull discusses:
- The evolution of deception technology and why it has been a tough sell;
- How the technology is evolving to be more dynamic;
- Innovations that are paving the way for a next generation of deception technologies;
Krull is a senior analyst at Aite Group specializing in cybersecurity, privacy and IT risk. With more than 40 years of security and privacy experience, Krull is a frequent speaker at international events, and he has been a regular contributor to cyber and audit professional organizations in the U.S. and Europe. He has worked in 115 countries and has provided cyber and privacy consulting advice to large enterprises on four continents.