Prospects for deception security tools may lighten dark days
"Profit is sweet, even if it comes from deception," the playwright Sophocles wrote. Over two millennia later, the ancient Greek's words still ring true. Or perhaps they need just a tweak -- because now those "sweet" profits come because of deception.
Deception technologies, that is.
The market for deception security tech is expected to boom by 2021 to over $2 billion a year, according to MarketsandMarkets. There's a good reason: This latest category of IT security products takes a new, proactive approach to keeping an organization's systems and data safe from sophisticated cyberattacks. And doesn't it feel good to go on the offensive for once, instead of just waiting behind the line of defense for the inevitable onslaught from attackers?
Taking the "deceptive" approach to IT security also promises to eliminate the time suck of false positives. Because a key component of these deception tools is the use of decoys to draw in attackers, if someone takes the bait, you know they are an actual intruder. Or at the minimum, they're an insider inadvertently treading where they're not allowed. Even better, deception security tools allow your organization's team to not just repel attackers but also observe them. Security teams can learn what assets intruders are after -- credentials and data, perhaps? They can also learn how they operate. Are they moving laterally? Are they installing ransomware?
Deception security tools promise a fundamental change to the old cat-and-mouse game security has become. Given the slew of advance threats out there, and the damage they can do to an organization's bottom line, now's the time to take a more proactive approach to security and test out deception technology tools.