5 Ways Deception Tech Is Disrupting Cybersecurity

Enterprises and their Security Operations Centers (SOCs) are under siege. Security events are being triggered from all corners of the security stack – from the firewall, endpoints, and servers, from intrusion detection systems and other security solutions.

What’s more, security teams do not have enough people or hours in the day to analyze the alerts that are coming in, and most “security events” don’t even imply an attack in progress. Often they simply share information (failed connections, for example) or are what we call “false positives” (when a solution thinks it has found a specific vulnerability but, in fact, it hasn’t).

This is important because today, attackers use stealthy tactics that leverage these security challenges – after infecting an asset inside an organization, they keep a low profile, moving laterally in the hunt for valuable, sensitive data. The longer they stay in the network, the harder it becomes to detect their trail. The average “dwell time” – how long an attacker or malicious insider is inside an organization’s network – is measured in months, with some estimates in the 200+ day range.

Read more at TNW
