India’s C-Suite exploring deception technology to fight cyber crime

One might fancy a combination of encryption tools, firewalls, and antivirus together knead the shiny armor for protection against cybercrimes. But it could lead to a costly irreparable mistake for an organization! Cybersecurity posture isn’t a one-time implemented solution but is a constantly evolving process that can’t afford to have loopholes.

The simple truth to be said, no business is too small to be the target and no business is too big to be immune. And the attacks are set only to increase – according to CERT-In, more than 3.13 lakh cybersecurity incidents were reported in India in 2019 (till October), an almost 50 percent increase since 2018.

Deceit has been a successful strategy for the army for ages now. Seems like the security warriors are adopting the same strategy in the IT battlefield as well. The technology of deploying decoys to detect threat activities in the network as the nemesis continues their footsteps is called deception technology. The new age threat platform is witnessing a good uptake across the organizations – globally and in India – to keep bad actors at bay.

IDG

Rohit Kachroo, CISO at Indiabulls Group believes that deception technology can prove to be a game-changer amidst the increasing wave of sophisticated cybersecurity threats. “Compared to legacy defense mechanisms, it works more accurately, precisely and effectively even with minimal human investment,” he says, the security leader of one of India’s leading diversified financial services group.

Agreeing with Kachroo on this, Manikant R Singh – CISO at DMI Finance tells that the deception technology is a game-changer to ‘help us prepare’ to the increasingly sophisticated attack vectors. With these threat platforms, the magnanimity of the attacks gets reduced and its self-healing attribute completely rollbacks to the original stage if found compromised by threat, he adds.

Unique Kumar

Whereas another security leader, Unique Kumar, Head – Digital Innovation and Cybersecurity at Max Healthcare feels its high time OEMs defend themselves from cyberattacks, and not just detect. “Deception technology is good for detection, but instead of depending on the technology alone, I believe, CIOs and CSOs of an organization should do due diligence and strategically plan the best technology to implement,” he adds.

After being on the radar for a very long time, the security teams have now increasingly started implementing this deception mechanism to coax hackers into entering a false network. According to a report, the deception technology market is expected to reach USD 2.09 billion by 2021, at a CAGR of 15.1 percent from 2016 to 2021. 

An emerging cybersecurity defense-as-detection method, this involves integrating deceptive tactics into security tools to lure hackers who try to enter the real network into a pretense environment. 

IDG

“There are several new-gen technologies that are evolving to ensure safety against the growing cyber-attacks. Deception technology vendors offer a platform for detection inside a threat defense. These solutions are indeed great platforms to detect human and automated attackers,” says Harnath Babu, CIO at KPMG.

A leading cybersecurity provider had interesting observations of the threat actors’ degree of knowledge in compromising a smart factory when it deployed a very elaborate honeypot. The attackers visited the system within two months of its launch, and the vendor studied each one closely. Cryptocurrency miners, ransomware threat actors, casual intruders, good intention hackers- the deployed honeypot had witnessed all types of hackers.

Challenges In Future

Singh says the adoption of deception technology among Indian CSOs will be welcomed by big enterprises, however, it looks much disputed in MSME and SME segment as they are more unprepared and rely on signature-based security.

 However, Kachroo is positive on deception technology gaining more mind share in the cybersecurity space. “More Indian CSOs will be embracing this technology to track the digital footprints of cybercriminals. Especially financial organizations, as their last line of defense as detection accuracy of the technology is far greater than the legacy detection technologies,” he says.

Harnath has a slightly different take, “As CSOs grapple with the challenge of improving the speed of data theft detection, implementing deception technology such as honeypots would help keep a tab on the movement of intruders.”

However, Kumar feels security leaders shouldn’t restrict or depend solely on deception technology, instead explore other technologies as well. “It’s essential to explore solutions based on artificial intelligence and machine learning pattern which protects digital assets of the organization without impacting the business operations.” He suggests setting up a 360-degree protection as hackers have different ways to penetrate the network.

Threat Deception Platforms are a good method to learn about hackers’ mindset. But, it has its share of disadvantages which CSOs need to be cognizant of – especially, about the challenges during implementation.

It’s very hard to pitch and convince about the benefits of deception technology with quick benefit minded management within the organization and ROI of this solution is tough to show, Kachroo points out. Also If not implemented correctly, it can be fatal for the entire cybersecurity ecosystem, he says.

Singh believes the key challenge to implementing deception technology is the identification of suitable use cases and implementing them effectively. “With the rapid growth of cloud infra, the cost cycles of these solutions skyrocket, besides ROI on impact, probability becomes more ambitious,” he adds.

Kumar says, “These solutions are very expensive and you cannot change it frequently.” He advises other security leaders to first understand the targets that have to be achieved and then shortlist products based on that. Apart from manageability, proof of conduct (POC) should be matched to determine if the results have been achieved, he adds.

Harnath mentions that the implementation also depends on risk assessment and security layers already instigated by CIO/CISO and their teams. “It is important to build security in a way that layers are merged and interacting more with each other – inside the network and the outside network. We need to follow an integrated approach and a focus to have a single platform/solution for a stronger security framework. If we continue to have different solutions for different requirements, the cost would automatically rise – making it difficult to implement.” Harnath points out.

DMI Finance

Nevertheless, even with its own set of disadvantages, CSOs stay positive about the deception technology being embraced more by security and tech leaders – and it’s just a start.

Recent predictions and research reports from the analysts’ firms only imply that the cyberattacks are expected not just to increase, but are also about to get more complicated.

Gartner identified deception technology as the top technology for security back in 2017. In 2019, the research agency predicted that 10 percent of the enterprises will already be using deception tools and tactics and actively participate in deception operations against attackers in that year.

With the market study, deception technology seems to be a technology with great potential that could turn the tables for security leaders.