Intelligent CISO Issue 13 | Page 69

decrypting myths movement, revealing tactics, techniques and procedures (TTPs), and gathering indicators of compromise (IoCs), security teams can confidently eradicate threats and prepare proactive defences against future threats. Turning a cybercriminal’s own deceptive techniques against them with realistic decoy environments and assets will provide a unique and powerful opportunity for organisations to shift power away from the attackers. Would-be intruders will find themselves lost in a confusing maze of false assets, while the defenders gain the upper-hand with valuable insights for building a pre-emptive defence and for fortifying their prevention controls. u false starts will cause the intruder to waste precious time and impact the economics of their attack. A full distributed deception platform offers much more than a confusing house of mirrors to detect attackers early. It also reduces the attack surface by providing visibility into attack paths and exposures that could be exploited to advance the attacks. The security team can now predict the paths an attacker will take and can actively shut these down and obfuscate attack surfaces to dramatically reduce the chances of the adversary’s success. More opportunistic attackers will often cut their losses in the face of such resistance and give up, seeking out lower hanging fruit instead. www.intelligentciso.com | Issue 13 Knowledge is power More persistent attackers may continue their attack but will face even tougher challenges as their actions now give away useful intelligence to the defenders. One of the most powerful capabilities of high-interaction deceptive technology is its ability to reveal the methods and tactics of cybercriminals, providing the opportunity to closely observe attacker activity without risking their real network infrastructure and assets. Engagement-based alerts are substantiated, giving defenders the information to decisively shut down an active attack. By tracking lateral Turning a cybercriminal’s own deceptive techniques against them with realistic decoy environments and assets will provide a unique and powerful opportunity for organisations to shift power away from the attackers. 69