For multinational banks and other financial services companies, one of the biggest barriers to better security is pure scale. In large environments, where endpoints number in the tens or hundreds of thousands, how can you keep attackers out 7x24x365?
Deception can play a powerful, multifaceted role in helping financial services organizations protect their crown jewels. Our recent post, By Detecting Lateral Movements, Banks Can Get Ahead of Fraud and APTs (Aug. 21, 2017) described how deception is used to combat fraud. In this post, we’ll look at how deception can play a strategic role in defeating insider threats.
I have attended many of the large-scale security industry trade shows, RSA, Gartner, BlackHat, etc. and am currently at the Gartner Security Summit in National Harbor MD. Having spent the past 2 days on the exhibit floor, and attending some of the sessions, I find it challenging for any security practitioner to identify, select, and investigate the top 3 or so security solutions that may be the most relevant to today’s challenges.
Growing awareness of illusive networks Deceptions Everywhere™ technology recently led SANS Fellow, Dr. Eric Cole, to test our solution. Not only did he aim to successfully deceive an attacker, he also evaluated illusive’s scalability, manageability, and believability. The results of his (unsuccessful) efforts to attack a network and escape detection are contained in a new SANS Product Review - Deception Matters: Slowing the Adversary with illusive networks.
Based on Ponemon Institute research, feedback from over 300 participating companies, the average total cost of a data breach increased from $3.79M to $4M and the number one root cause of data breaches was malicious or criminal attacks. There are hundreds of other IT Security stats just as discouraging, but one thing is consistent across all of these studies; traditional prevention tactics are not enough. Advanced attackers are relentless and their methods evolve faster than legacy technology.
What are the options?
Did you feel that rumble? No, it wasn’t an earthquake. There it is again. It seems to be coming from the Moscone Center. Wow, all the hustle and final preparations for the RSA Conference is certainly making a ruckus!
In one week, thousands of IT Security Professionals invade … I mean … travel to the City by the Bay looking to fulfill their cybertech hopes and dreams. It’s the event where the greatest tech minds come together to network, teach and learn about new solutions. And let’s not forget, it’s the event that has the best chachkies!
RSAC 2017 is finally upon us! Here are five things to keep in mind during the conference. Enjoy!