Using Threat Deception on Malicious Insiders

DarkReading News Desk Interview with Ofer Israeli

 

Insider incidents, representing 40% of cyberattacks, present several unique challenges. With an increasing level of access to common attack tools, stealth insiders can operate more silently and inflict more damage than outsiders because they already have some trusted access and insight into an organization’s valuable assets. But in many cases, malicious insiders must also snoop around file systems and acquire credentials and connections to systems and applications they don’t have authorized access to—in other words, they must conduct lateral movement just as an external attacker would.

This video provides valuable insight from noted security expert and Illusive Founder and CEO Ofer Israeli and Dark Reading contributor Lenny Liebmann, as they discuss how deception technology can help fight insider-initiated attacks.

You’ll learn:

  • What it means to have distributed deceptions to protect your network
  • How deceptions are particularly useful against malicious insider threats, but also against external attackers
  • How Illusive’s Attack Surface Manager helps to map access footprints within a network, enabling a preemptive protection before an attack even occurs
  • When lateral movement occurs, how you can pick up on it very early on and receive detailed forensics to help catch attackers in their tracks


For more on Insider Threat management, download our complimentary whitepaper: Stopping the Attackers You Trust: A deception-based approach to Insider Threats.

Deception technology, which has evolved well beyond traditional honeypot and honeynets, can play a critical role in countering malicious insider attacks. Distributed deceptions can help security teams detect attackers early, cut down on lateral movement, and take to the offensive against hostile threats - results in better protection of critical businesses applications and data.