Imagine for a moment, a future where enterprises get to remotely control the actions of the threat actor. A future where you will be able to engage products or services to monitor and inject the right information at the right time in order to disrupt or mislead the threat actor, pushing them towards the deceptive assets and applications that you want them to go to. A future that allows you to move the attacker away from sensitive assets and evolve their attack as they target you whether on premise or in the cloud.
In 2018, let’s re-imagine the security landscape, where we use active enterprise-ready counterintelligence operations to mislead the attacker and create havoc for their operational activities while disrupting them throughout the attack kill-chain. We will reap havoc in their attack discussions and planning cycles because attackers are vulnerable to deception and misdirection as they discuss the many ways to attack enterprises and their assets. We must rethink the future of security detection and response strategies in order to best leverage counterintelligence operations in countering the threat actor.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.