Deception Technology: Clearing Up MythsFelix Mohan of CISO Cybersecurity on Improving Intrusion Detection
Deception technology can play an important role in intrusion detection because it can help track lateral movements of intruders, says Felix Mohan, CEO at CISO Cybersecurity, an advisory firm (see: Deception Technology: A Primer).
"Prevention technologies have been proven ineffective, and the focus is on detection and response, and in this perspective having technologies that improve the speed and accuracy of detection is crucial", Mohan says in an interview with Information Security Media Group (see: Adopting Deception to Control the Attack Narrative).
"The accuracy of detection that is thrown up by the latest deception technologies is far greater than normal deception technologies. For one, the false positives are almost zero."
Mohan says deception technology can also act as a deterrent for attackers. "If they get an inkling that in a particular network there could be deception technologies deployed, it automatically puts them on the slow-mode. They have to proceed very, very carefully," Mohan says.
But for deception technology to be effective, he says, "the decoys that are used ... need to be extremely authentic. If they are not authentic, the deception can be fingerprinted. ... Then there are other problems, like leading the attacker to the decoy."
In this interview (see audio link below image), Mohan discusses:
- Myths surrounding deception technology;
- Deception technology challenges;
- Use cases for the technology.
Mohan is CEO at CISO Cybersecurity, a consulting and advisory firm. He previously was global CISO at Bharti Airtel, where he was responsible for managing information risks, business continuity and compliance across 22 countries. He has also been a directorate and head of the Indian Navy's IT department.