When we hear about cybersecurity incidents, it is mostly because an attacker is in the box seat and in control. Perhaps they have breached a company and exfiltrated data, or unleashed ransomware or some other type of malware payload.
By contrast, we often do not hear about attacks that have organisations have successfully repelled.
Within information security, there have been long-running efforts and investment to ‘turn the tables’ and put the balance of power back into the hands of defenders.
It leads to the question: to what extent can defenders guide – or even attempt to control – an attacker’s movements completely?
To answer this, one must first understand how an attacker approaches a target.
The MITRE ATT&CK framework is one way of understanding attack tactics and techniques. Its matrices offer a way to determine what steps a particular attack might follow and outcomes it might commonly lead to as a result.
Increasingly, attacks such as ransomware are targeted and surgical.
Full fabric deception platforms allow organisations to engage an attacker fully, gather intelligence, and then take that information and automate the incident response actions behind it.
Read the complete article by Jim Cook in IT Wire.