As deception technology becomes more mature, it's likely that managed security service providers will incorporate a deception offering into their packages, says Rik Turner, a principal analyst with the IT security and technology team at the consultancy Ovum.
"I would say at that point it should become available then to a much larger community of enterprise users," Turner says in an interview with Information Security Media Group. "Smaller companies will then be able to take this as a managed service, which is probably what you're going to want if you don't have a very big security team."
Deception technology has been gaining traction as a way for organizations to get a view on how attackers are targeting their assets. But because the assets are decoys, it buys time to craft a defensive posture and ensure production systems are well defended.
A bevy of startup companies have developed technologies that use deceptive techniques. But deployment so far has typically been among larger Fortune 1000 companies with mature information security programs.
In the interview (see audio link below photo), Turner discusses:
- The transition from low-interaction deceptions to high-interaction ones, which provide more details to defenders;
- Whether deception technology will fool sophisticated attackers;
- How deception technology will likely fall into a new category called managed detection and response.
Turner is a principal analyst with Ovum's IT security and technology team. He specializes in IT security, compliance and call recording.