by Lawrence Pingree | June 30, 2016 | Comments Off on Is deception effective at delaying or detecting an attacker?
The first question that many folks ask about using deceptions in their security programs is, can’t a deception be easily detected? The answer is yes but also no. IN fact, this is really the core reason the technique is so effective in detecting and misdirecting attackers in an enterprise environment. Recently, I did a webinar for CISO clients at Gartner and I used the following slide and asked everyone on the phone to tell me which of the examples was the deception – I got crickets!
Can you answer the question below? (Scroll to the bottom to see the answer)
The Answer: Neither examples are deceptions, now you know the entire point of using deception. The attacker must trust what they see. But before they have a chance to guess, they get detected!
Read Complimentary Relevant Research
Managing Risk and Security at the Speed of Digital Business
Digital business challenges the basic principles of information risk and security management. Risk and security leaders must understand...
View Relevant Webinars
Ransomware Protection: Facts and Myths
Solutions for preventing, detecting and recovering from ransomware have strengths and weaknesses. What are the true facts, and what myths...
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.