New EMA Research Explores the Growth of Deception Technology in the Enterprise

Share Article

Respondents in new EMA research whose organizations were using deception technology reported dwell times as low as 5.5 days

A Definitive Market Guide to Deception Technology Research Report

A Definitive Market Guide to Deception Technology Research Report

The dramatic reduction in dwell time realized through deception technology is unheard of in this industry.

Enterprise Management Associates (EMA™), a leading IT and data management research and consulting firm, released a new research report titled “A Definitive Market Guide to Deception Technology” based on criteria defined by Paula Musich, research director of security and risk management at EMA.

The use of deception technology designed to throw off stealthy attackers from real assets and gather intelligence about how they operate is gaining ground in the enterprise. Although still not considered a mainstream defense, deception technology continues to gain acceptance among more forward-leaning security operations groups trying to get ahead of attackers and keep them from doing serious damage. In fact, 70% of deception users indicated their approach to cybersecurity is to strive to be at the forefront of cybersecurity innovation, while only 28% of all respondents indicated that approach.

Given the predominance of low and slow multi-staged attacks in which attackers move stealthily around networks they’ve breached in order to locate, access, and exfiltrate sensitive data or other valuable assets, it’s not surprising that interest in deception technology is growing. It is ideally suited to detect attackers early in the lifecycle of the threat, and is a departure from traditional security tools that are reactive, rather than proactive, in nature.

One way this technology is getting ahead of the pack is by helping to reduce dwell time. Today’s deception technology has evolved way beyond yesterday’s honeypots or honeynets to more actively engage with attackers earlier in the lifecycle of the attack. For deception users, this has resulted in a dramatic drop in the average number of days it takes to detect attackers already operating within an enterprise network. Respondents in this research whose organizations were using deception technology and were very familiar with the technology reported dwell times as low as 5.5 days. The average across all respondent types was just shy of 32 days—a mean no doubt lowered by the success of deception technology users.

“Although the IT security industry has been gradually reducing the amount of time stealthy attackers are present in enterprise networks, most studies still report upwards of 75 days of attacker dwell time,” said Musich. “The dramatic reduction in dwell time realized through deception technology is unheard of in this industry.”

The research examined how deception technology can be used to reduce business risks across a wide range of different use cases. No one specific use case stood out among deception users and evaluators in looking at 19 different use cases that spanned the gamut of ransomware detection, data loss tracking and counterintelligence, and insider policy violations. However, when all respondents were asked to rank the top tools they were using to detect insider threats across 12 different types of tools, deception technology tied with next-generation endpoint security for the top choice at 30%.

What the research made clear is that more organizations are looking to understand how deception technology can complement and improve their existing defenses against increasingly sophisticated attackers with a range of different motivations. As the attack surface expands outside of traditional IT assets and into the cloud and IoT devices, deception is one path worth considering in the war against cybercrime.

A detailed analysis of the research findings is available in the report, “A Definitive Market Guide to Deception Technology.”

Highlights from the report will be revealed during the free August 20 webinar, “A Definitive Market Guide to Deception Technology.”

About EMA
Founded in 1996, EMA is a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help their clients achieve their goals. Learn more about EMA research, analysis, and consulting services for enterprise line of business users, IT professionals, and IT vendors at http://www.enterprisemanagement.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Raleigh Gould
@ema_research
Follow >
Enterprise Management Associates (EMA)
Like >
Visit website