The high-tech sector is known for its technology and for being amongst the earliest adopters of cybersecurity. The design innovation and use of cutting edge technology have long been viewed as a competitive advantage and extensive measures have been taken to guard closely intellectual property (IP) and patents, which are generated to protect a company’s IP. High-tech company environments are built with ubiquitous access, extensive internal and 3rd party collaboration, and an openness to using devices of employee’s preference and for employee self-administered device maintenance.
These factors combined, create a large attack surface to protect and with the speed at which these environments change, a challenge to defend. As a result of the high value information and a complex IT environment, high-tech has become a prime candidate for cyber-attacks including the theft of intellectual property, sabotage of websites and reputations, and modification of source code.
One of the biggest threats for high-tech is a loss of intellectual property to nation states and competitors. Having IP stolen after years of investment can dramatically reduce an organization’s competitive advantage and result in significant market share and revenue loss. Since IP theft disclosure is not reported, the full extent of IP breaches remains unknown and only surfaces with media coverage.
High-tech is also not immune to insider threats whereas an employee or contractor may be seeking to steal company information for additional financial benefit, as a basis for new company or in the case of a disgruntled employee, for harm to the company. In the recent PWC survey, The Global State of Information Security® Survey 2015, current and former employees are reported as the most frequent culprits of security incidents, cited by 36% and 32% of respondents, respectively. It is not hard to imagine how a single highly skilled insider, with the right kind of access, can quickly do more damage than most outside attacks based on reconnaissance, use of stolen credentials or phishing emails.
IP theft may be the most prevalent target. However, high-tech companies offering online services are also at risk for attacks targeting customer personal identifiable information (PII). Many countries will require that high-tech organizations disclose the loss of any loss of PII information exposing these companies to the same liabilities and the negative brand impact that a retail organization may incur from a data loss breach.
High-tech companies are also faced with hacktivist threats. This type of attack is driven by technically savvy people who look to using something for a purpose other than what it was originally designed for. These attacks tend to be extremely targeted with intent to cause great financial loss and damage to a company’s reputation.
Attivo takes a modern approach to network security and operates on the premise that attackers will get inside the network. Attivo has created advanced network security solutions that use deception based threat detection techniques to help organizations dramatically increase the speed to which threats inside the network are uncovered, understand an attacker’s intent, and establish a defense against future attacks.
The Attivo BOTsink® Solution active deception techniques involve luring attackers to engage with the BOTsink Solution vs. a tech company’s servers. Highly interactive decoys are 100% customizable to a company’s environment for additional authenticity. Signatures and big data analytics are not required to detect intrusions, and there are no false positives, aka noisy alerts, since an alert is only generated from real engagement. A full suite of forensics is provided via the Attivo threat intelligence dashboard and IOC reports to update preventative systems with the tools to shut down current and future attack attempts.
The Attivo active deception techniques are authentic and proven to detect threats targeted at exfiltrating company’s IP, personnel records and other sensitive information stored in data centers, shared with other 3rd parties, and associated with Internet/web presence, HTTPS, and phishing attacks.