I think this is the first time I’m writing about this topic, even if it isn’t the first time this topic has come up in the context of managed services. The role of MSPs is always changing. Cybercriminals are also changing their tactics. There have even been reports of cybercriminals targeting MSPs. What I would like to discuss is whether it is time for MSPs to target cybercriminals.
Deception Technology Explained
According to Wikipedia, “deception technology automates the creation of traps (decoys) and/or lures which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software or are emulations of these devices.”
In short, it is technology used to create “bait” within a network to better learn how attackers access IT resources. Deception technology lures attackers in an attempt to bring the methods of penetration and the goals or target of the penetration. The approach of identifying and luring cyber attackers is fundamentally different from the traditional approach of IT management which has been prevention and defense.
Should MSPs Play Offense?
MSPs have historically played a defensive role in managing IT. To be more precise, prior to becoming proactive, IT service providers were break/fix companies, waiting for something bad to happen within a customer environment prior to being engaged to fix the issue.
Today, with the rampant spread of malware, cyber attacks, and other forms of data theft, MSPs are more important than ever to protect customers in a proactive manner. It seems logical, therefore, that approaches such as deception technology could be useful towards that proactive strategy.
What are your thoughts about using deception technology in your managed services practice?