Tis the season to make predictions for 2024, so here\u2019s one of mine: Deception technology will become more pervasive in 2024 and become a security operations staple by the end of 2025.\n\nNow, there are two common counterpoints I often hear from deception technology skeptics. First, many cybersecurity pros say they\u2019ve heard this prediction before, and it hasn\u2019t panned out. Others claim that deception technology is constrained to the elite of the elite organizations. In fact, many dismiss it as something reserved for threat analysts working at GCHQ, NSA, or threat intelligence specialists like CrowdStrike, Mandiant, and Recorded Future. The term \u201cscience project\u201d often comes up.\n\nDeception technology trends\n\nAlas, these are legitimate points, but I firmly believe that several cybersecurity and general IT trends are converging into a perfect storm bound to greatly simplify deception technology, bring it to the mainstream. These trends include:\n\nHow deception technology might work in the future\n\nThese trends provide the technical foundation for advanced deception technologies. Here\u2019s a synopsis of how the system might work:\n\nIt\u2019s worth mentioning that all scanning, data collection, processing, and analysis will be continuous to keep up with changes to the hybrid IT environment, security defenses, and the threat landscape. When organizations implement a new SaaS service, deploy a production application, or make changes to their infrastructure, the deception engine notes these changes and adjusts its deception techniques accordingly.\n\nUnlike traditional honeypots, burgeoning deception technologies won\u2019t require cutting-edge knowledge or complex setup. While some advanced organizations may customize their deception networks, many firms will opt for default settings. In most cases, basic configurations will sufficiently confound adversaries. Remember, too, that deception elements like decoys and lures remain invisible to legitimate users. Therefore, when someone goes poking at a breadcrumb or canary token, you are guaranteed that they are up to no good. In this way, deception technology can also help organizations improve security operations around threat detection and response.\n\nSome final thoughts:\n\nIf I were a younger man, I\u2019d drive to Boston, grab some money from local VCs, and hire a bunch of MIT students to build a modern deception system myself. I predict some similar independent efforts but ultimately, deception technology will piggyback on top of other security operations systems. Fortinet and Zscaler are already pursuing this approach, I expect others to follow suit.