Using Deception to Slow Down and Repel Cyber Attacks
Featuring Craig Harber, the Chief Technology Officer for Fidelis Cybersecurity.
What if we introduced additional assets through deception that aren't real, so that what was potentially 100 endpoint devices just became 1,000 or 10,000? If they engage those assets, we know that it's an attacker. It really creates a high-fidelity infrastructure for us to constantly monitor and look for.
We can use that from an intelligence standpoint to really understand adversaries: how they're going to behave, what techniques they're using. Or we can use it to automatically trigger our defensive capabilities.
All the agencies, they already have investments, and they need to make a conscious decision of where do they essentially eliminate costs, and where do they add new capabilities, and how do they add them in an integrated and automated fashion?
One aspect is, do the agencies and organizations actually have the skilled workforce to even operate these platforms? And, so, you'll see across even industry, there's opportunities for managed services, versus does the network owner and operator perform the analysis and the operations themselves?