Imagine for a moment, a future where enterprises get to remotely control the actions of the threat actor. A future where you will be able to engage products or services to monitor and inject the right information at the right time in order to disrupt or mislead the threat actor, pushing them towards the deceptive assets and applications that you want them to go to. A future that allows you to move the attacker away from sensitive assets and evolve their attack as they target you whether on premise or in the cloud.
In 2018, let’s re-imagine the security landscape, where we use active enterprise-ready counterintelligence operations to mislead the attacker and create havoc for their operational activities while disrupting them throughout the attack kill-chain. We will reap havoc in their attack discussions and planning cycles because attackers are vulnerable to deception and misdirection as they discuss the many ways to attack enterprises and their assets. We must rethink the future of security detection and response strategies in order to best leverage counterintelligence operations in countering the threat actor.
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.