When you talk to IT security experts about deception technology, the question always comes up:
“Why don’t all large companies use it? They would have their own security analysts and a Security Operations Centre (SOC) and can run it themselves.”
This is true, but small and medium-sized enterprises (SMEs) can also use deception technology to their advantage.
To that end, let’s look at the three main benefits that Deception technology offers.
- Rapid detection of hackers in the system
- Minimising the damage caused by hacker attacks
- Analysis of hacker attacks using threat intelligence
SMEs benefit at least as much from the first two main benefits as large companies, and this is crucial if a hacker has penetrated a productive system. For the third main benefit, some IT security companies now offer a professional monitoring service.
If you look at the threat scenarios for SMEs, ransomware currently stands out. Activities in this area have quadrupled since the outbreak of the pandemic and are still increasing. Studies show that in 58% of the cases of ransomware attacks, a ransom was actually paid. Not to mention the additional costs incurred to restore the encrypted systems. In this context, the first insurance companies have already excluded ransomware damage from their coverage and no longer pay out anything in such cases.
This can be counteracted with deception technology. Through the rapid detection of attackers by means of lures that are laid out in the productive system, the attackers can be immediately diverted into a monitored system environment (to so-called decoys), where they can let off steam without causing further damage. If these decoys are encrypted, this is not a big deal, as there is no relevant data on them, and these servers can be rebuilt at the push of a button. It is also important to know that once the attackers have landed on these decoys, there is no direct way back into the productive system and one also knows from which endpoint in the productive system the attackers came onto the decoy. This endpoint can be immediately quarantined and reset.
The costs associated with this and the possible amount of damage is a fraction of what a complete encryption of the productive system causes in terms of damage and this is where the use of deception technology for SMEs pays for itself immediately.
Deception technology for SMEs is now available in Europe for the first time.
About the author