Imagine for a moment, a future where enterprises get to remotely control the actions of the threat actor. A future where you will be able to engage products or services to monitor and inject the right information at the right time in order to disrupt or mislead the threat actor, pushing them towards the deceptive assets and applications that you want them to go to. A future that allows you to move the attacker away from sensitive assets and evolve their attack as they target you whether on premise or in the cloud.
In 2018, let’s re-imagine the security landscape, where we use active enterprise-ready counterintelligence operations to mislead the attacker and create havoc for their operational activities while disrupting them throughout the attack kill-chain. We will reap havoc in their attack discussions and planning cycles because attackers are vulnerable to deception and misdirection as they discuss the many ways to attack enterprises and their assets. We must rethink the future of security detection and response strategies in order to best leverage counterintelligence operations in countering the threat actor.