Browse Definitions :
Definition

counterintelligence

Counterintelligence (CI) is the information gathered and actions taken to identify and protect against an adversary’s knowledge collection activities or attempts to cause harm through sabotage or other actions. The goal of CI is to ensure information cannot be modified or destroyed by a malicious actor and that only authorized people can access an organization's information.

CI is often associated with intelligence agencies, government organizations or the military but businesses also benefit from including CI in their approach to security. In cybersecurity, counterintelligence is used to support the information security triad of Confidentiality, Availability, and Integrity (CIA). Many organizations practice aspects of CI, but refer to it by different names, including data loss prevention (DLP), malware reverse engineering and Network forensics.

How counterintelligence works

Counterintelligence activities can be categorized as being either collective, defensive or offensive. Collective CI efforts focus on learning who the adversary is, how they collect information, what attack vectors they are targeting and what tools they are using. Defensive CI efforts focus on securing information and preventing an adversary from stealing or destroying it. Offensive CI activities focus on turning an attack into an opportunity to gain an advantage by using disinformation.

While most information technology (IT) security administrators routinely conduct defensive CI and collective CI, the value of using offensive CI is not always understood. With the right implementation, deception technology can be used to improve collective, defensive and offensive CI. Deception technology uses decoys, such as honeypots and virtual honeypots, to misdirect an attack and delay or prevent the attacker from going deeper into the network and reaching the intended target. By observing the tactics, techniques and procedures attackers use in their attack, defenders can gain valuable insight that can be incorporated into their defenses.

This was last updated in May 2018

Continue Reading About counterintelligence

SearchNetworking
  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

  • overlay network

    An overlay network is a virtual or logical network that is created on top of an existing physical network.

SearchSecurity
  • X.509 certificate

    An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) ...

  • directory traversal

    Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory ...

  • malware

    Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server.

SearchCIO
  • chief transformation officer (CTO)

    Chief transformation officer is an executive role, often in the C-suite, that focuses on bringing about change as well as growth ...

  • data latency

    Data latency is the time it takes for data packets to be stored or retrieved. In business intelligence (BI), data latency is how ...

  • chief data officer (CDO)

    A chief data officer (CDO) in many organizations is a C-level executive whose position has evolved into a range of strategic data...

SearchHRSoftware
SearchCustomerExperience
  • implementation

    Implementation is the execution or practice of a plan, a method or any design, idea, model, specification, standard or policy for...

  • first call resolution (FCR)

    First call resolution (FCR) is when customer service agents properly address a customer's needs the first time they call.

  • customer intelligence (CI)

    Customer intelligence (CI) is the process of collecting and analyzing detailed customer data from internal and external sources ...

Close