Gartner identifies deception as a top 10 security technology for 2016

Industry research and advisory firm Gartner has been tracking deception technology for a while now. Research Director Lawrence Pingree (Twitter) had written about deception in 2015.

Gartner just released its list of the ‘Top 10 Technologies for Information Security in 2016‘ and deception technology is one of the technologies they recommend. Here’s what they have to say:

Deception technologies are defined by the use of deceits and/or tricks designed to thwart, or throw off, an attacker's cognitive processes, disrupt an attacker's automation tools, delay an attacker's activities or disrupt breach progression. Deception technologies are emerging for network, application, endpoint and data, with the best systems combing multiple techniques. By 2018, Gartner predicts that 10 percent of enterprises will use deception tools and tactics, and actively participate in deception operations against attackers.

The other technologies that made the list are:

  • Cloud Access Security Brokers
  • Endpoint Detection and Response
  • Nonsignature Approaches for Endpoint Prevention
  • User and Entity Behavioral Analytics
  • Microsegmentation and Flow Visibility
  • Security Testing for DevOps (DevSecOps)
  • Intelligence-Driven Security Operations Center Orchestration Solutions
  • Remote Browser
  • Pervasive Trust Services

The growing interest in deception platforms is a result of the realisation that legacy detection systems are too focused on the ever-changing tools of the attacker, and do not deploy defences that are unique from organisation to organisation. As a result, attackers can easily modify their tools to evade these static defences. The evidence is the number of high-profile breaches that have succeeded in spite of antivirus, SIEM, sandboxing and other traditional defences being in place.