IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Paula Musich
Research Director, Security and Risk Management
Enterprise Management Associates
pmusich@emausa.com
A Definitive Market Guide to
Deception Technology
Watch On-Demand Webinar
• A Definitive Market Guide to Deception Technology On-Demand webinar is available here: http://info.enterprisemanagement.com/a-definitive-market-guide-to-deception-technology-webinar-ws
• Check out upcoming webinars from EMA here:
http://www.enterprisemanagement.com/freeResearch
Featured Speaker
Paula Musich, Research Director, Security and Risk Management
Paula brings over 30 years of experience covering the IT security and
networking technology markets. She has been an IT security analyst for
ten years, including as a research director at NSS Labs, and earlier as
the principal analyst for enterprise security for Current Analysis. As a
security technology analyst, Paula has tracked and analyzed competitive
developments in the threat management segment of the information
security market, ranging from advanced anti-malware to next-generation
firewalls and intrusion prevention systems to content security, data loss
prevention, and more.
Slide 3 © 2019 Enterprise Management Associates, Inc.
Agenda
• Introduction, Methodology, Demographics
• Advantages of Deception
• Application of Deception
• The who, what, how, and where of deception technology usage
• Attitudes about deception from evaluators of the technology
“Successful war follows the path of
deception.”
~Sun Tzu, The Art of War
Introduction & Methodology
• Deception ≠ Honeypot
• Doesn’t draw attacker attention
• Highly accurate
• Market populated by small vendors
• Methodology
• 208 respondents
• 65% in IT & 6% in cybersecurity outside IT
• 26% in IT supervisor or above roles
Demographics
• Company size
• 50% Midsized/SME
• 48% Enterprise
• Using deception
• 55%
  • 24% highly familiar
  • 23% good familiarity
• Company size using deception
• 82 Midsized; 32 Enterprise
• Vertical Industries
• 18% retail
• 16% finance
• 12% healthcare
• 23% other
• IT Budget
• 17% $50 - <$100 million
• 16% $25 - <$50 million
• 13% $10 - <$25 million
• Geography
• Primarily serve North America
Advantages of Deception Technology
Detection Effectiveness Compared
How would you rate your organization's ability to detect and respond to in-network attackers early in the attack cycle?
(All Respondents / Deception Users Highly Familiar with the Technology)
• 1 - Highly effective: 49% / 70%
• 2 - Somewhat effective: 42% / 30%
• 3 - Neither significantly effective or significantly ineffective: 7% / 0%
• 4 - Somewhat ineffective: 1% / 0%
• 5 - Highly ineffective: 1% / 0%
Average Dwell Time Compared
What was the longest approximate time in days it took to detect a threat inside your network (a.k.a. average dwell time)?
Mean Time to Detect in Days:
• Deception Users with High Familiarity: 5.52
• Deception Users with Good Familiarity: 11.09
• Deception Users with Limited Familiarity: 6.94
• Non-Deception Users: 60.93
• All Respondents: 31.93
Deception’s Unique Value
What unique value or benefits does your organization believe deception technology provides?
% Total Mentions (Mentions/Total Mentions):
• Produces fewer false positives: 10%
• Produces more actionable alerts: 12%
• Reduces attacker dwell time: 10%
• Provides intelligence on attacker movement, techniques, and targets: 12%
• Helps prioritize events in the incident queue: 10%
• Provides visibility to attack paths based on credential and asset vulnerabilities: 12%
• Faster incident response: 13%
• Detects basic and advanced threats regardless of technique: 12%
• Provides ubiquitous detection across a wide variety of attack surfaces: 9%
Application of Deception Technology in
the Enterprise
Top-Ranked Detection Tools
Top Ranking (External / Internal):
• Breach Attack Simulation: 23% (31)* / 20% (35)*
• DLP/Data Classification: 22% (83) / 23% (84)
• Deception Technology: 16% (37) / 30% (44)
• IDS/IDP/IPS: 27% (90) / 13% (86)
• Manual Threat Hunting Efforts: 11% (36) / 11% (44)
• Network APT Detection Analysis: 13% (61) / 21% (58)
• Next-Generation Endpoint Security: 15% (71) / 30% (77)
• Next-Generation Firewall/Unified Threat Management: 18% (83) / 19% (80)
• Secure Web Gateway: 26% (66) / 20% (59)
• Security Information and Event Management: 23% (94) / 23% (79)
• User and Entity Behavior Analytics: 16% (45) / 24% (55)
• Web Application Firewall: 27% (71) / 16% (63)
*Indicates total number of respondents for each response
Deception Use Cases
Which of the following use cases does your organization believe represent deception technology's ability to reduce business risk?
Values shown (% Total Mentions): 7%, 7%, 7%, 6%, 6%, 6%, 6%, 6%
Use cases listed:
• Detect ransomware
• Security framework risk reduction
• Data loss tracking and counterintelligence
• Detect credential theft
• Detect attacks on ICS/IoT/OT devices
• High-fidelity alerts to speed investigation and response
• Protect sensitive data from internal/external attackers
• Reduce security risk in cloud infrastructure
COTS vs. Honeypots vs. Homegrown
Which of the following categories of deception technology does your organization use?
• Commercial deception technology: 52%
• Traditional honeypot or honeynet: 18%
• Open-source or homegrown deception technology: 30%
The Who, What, How, and Where of
Deception Technology Usage
Who Manages Deception?
Which functional group within your organization is responsible for day-to-day use and management of your organization's deception technology?
Column %:
• Security operations/SecOps/SOC: 32%
• Threat detection team: 26%
• Network security team/NOC: 19%
• Threat hunting team: 9%
• Incident response team: 7%
• Vulnerability management team: 5%
• It is outsourced to a security services partner: 2%
Decoys
Which kinds of systems and devices have you emulated with decoys?
% Total Mentions:
• IT infrastructure systems (e.g., LDAP servers, domain servers, etc.): 19%
• IT network devices (switches, routers, telecom, etc.): 19%
• Enterprise applications (CRM, ERP, etc.): 15%
• Web servers: 14%
• Databases, file sharing systems, or other data repositories: 14%
• Smart devices (OT/ICS/IoT): 11%
• Mainframes: 6%
• Other: 1%
How extensively does your organization use deception technology?
Values shown (% Total Mentions): 15%, 15%, 14%, 13%, 11%, 10%, 7%
Environments listed:
• Within our private data center(s)
• In OT, IoT, or other specialized infrastructure
• Within a hybrid cloud environment
• Within public cloud environments
• Remote locations (branch office, remote office, etc.)
• HQ offices
• Research/lab environments
Deception Spending
By your best estimate, how much did your organization spend on deception technology (including both hardware and software)?
Column %:
• Less than $50,000: 2%
• $51,000 to $100,000: 11%
• $101,000 to $250,000: 32%
• $251,000 to $500,000: 30%
• $501,000 to $1 Million: 12%
• Over $1 Million: 6%
What Potential Buyers Think About
Deception Technology
Deception Evaluation Drivers
What is the primary reason your organization is considering or plans to consider deception technology?
Column %:
• To detect in-network attackers as early as possible: 67%
• To gather/develop threat intelligence: 14%
• To delay attackers already present in the network to prevent them from reaching critical assets: 11%
• To learn the motives and tactics of attackers within my environment: 8%
Potential buyers’ top concerns about deception technology
Most Concerned:
• It may not cover all the attack surfaces…: 33%
• Our organization may not be mature…: 28%
• Deception technology may not be…: 25%
• It may be too costly: 22%
• It may open my company to additional…: 22%
• It may negatively impact employee/user…: 22%
• It may be too easy for attackers to detect…: 17%
• The technology might be too difficult or…: 14%
• Deception may be too resource-intensive…: 14%
• Deception may be too complex/our…: 14%
Questions?
Get the report:
http://bit.ly/2Z35j4c
