Tech Talk:
Deception & Active Defense for Election Security

Deception was successfully used, by a very small staff, to thwart Russian influence of France's presidential election. Today's cyber security teams are shorthanded and struggling to find the proverbial needle in the haystack or the singular event inside petabytes of data, and that event must mean something. If it doesn't, already limited resources are consumed with chasing a false positive. The best way to keep up with the tactics that attackers use against us is through automated responses to high-fidelity events, and that is the promise that deception brings to cyber defenders. Most enterprises do not suffer from a lack of tools, they are typically flooded with tools. However, attackers still get past our current defensive perimeters relatively quickly and linger far longer than anyone desires. NIST (800-160v2 and 800-171b) agrees that deception is critical piece of the puzzle in reducing the dwell time of attackers in our networks through the quick detection of lateral movement.

This talk covers where deception technologies are today, the future of deception for cyber defense, and is delivered by Chris Roberts.