Shifting sand for bad guys…

For several years, we have been considering various concepts around cyber deception and moving target defense. Being able to disrupt an adversary by outwitting them at their own game is indeed achievable and one area that we believe will gain more momentum in 2018.

Let’s break down what each of these approaches means, so that we can use that as a basis for a business discussion. DHS defines MTD as the following:

Moving Target Defense (MTD) is the concept of controlling change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers, reduce their window of opportunity and increase the costs of their probing and attack efforts. MTD assumes that perfect security is unattainable. Given that starting point, and the assumption that all systems are compromised, research in MTD focuses on enabling the continued safe operation in a compromised environment and to have systems that are defensible rather than perfectly secure.

In a nutshell, this approach creates a significant set of barriers for adversaries:

- It’s expensive to defeat

- It’s challenging to defeat

Those two drivers alone will wash out 90% of those intending to breach your external web surface. Trying to navigate a matrix of false flags is dizzying and daunting for the adversary.

So, what does this mean to your board and C-Suite? Aside from other good hygiene (flat surface, minimal fields, continuous patching, etc.), it means that by using this type of approach, your organization will be more secure, and from the outside looking in, the adversary will have an extraordinarily difficult time gaining access to your key assets from breach attempts. They will need to revert to other means (phishing, etc.), which we will cover in another post. I’m a believer in MTD, and for those of you more technical, instructing MTD from an exterior view can be even more interesting. We are looking at integrations now toward that end, and are happy to discuss in greater detail!