How deception can change cyber security defences

The use of deception technology in modern cyber security as a viable means of active, intelligent post-breach defence is a rapidly emerging phenomenon. But like any disruptive technology it comes with misconceptions. As cyber criminals continue to phish, bait, deceive and lure users, cyber defences need to move beyond being based on primarily detecting bad things within an ocean of good activity. Given how attackers are progressing, there is a clear case for invoking an active defence to lure, detect and defend against malware and intruders moving laterally within the network. The use of deception technology in modern cyber security as a viable means of active, intelligent post-breach defence is a rapidly emerging phenomenon. But like any disruptive technology, it comes with misconceptions. Cyber defences need to move beyond being based on primarily detecting bad things. There is a clear case for invoking an active defence to lure, detect and defend against malware and intruders moving laterally within the network. And cyber deception is just now making its way to the main stage for cyber security as a viable option for an active defence, says Andrew Bushby of Fidelis Cybersecurity.