If  you  are  willing  to  accept  this,  then  the  center  of  focus  shifts  to  detection  or  the
               concept of time-based security. Time-based security is derived from what we will call

               exposure time (Et), which is compiled based on detection time (Dt) plus response time

               (Rt). Typically, security teams have been unable to react fast enough to stop the attack.
               The exposure time is too great meaning hackers are afforded a dwell time to complete

               their attack.


               Early  identification  and  response  times  need  to  improve  to  a  tipping  point  above  the
               exposure  time  (Et).  When  executed  effectively,  the  attack  is  halted  before  data

               exfiltration or other damage can occur.


               Deception technology plays a critical role in changing the asymmetry of the attack and
               is  designed  to  provide  the  threat  intelligence,  counter  intelligence,  and  adversary

               intelligence required to decrease  exposure time. The Mandiant M-Trends 2017 report
               states that time to detection averages 99 days. Typical time-to-compromise continues to

               be measured in minutes, while time-to-discovery remains in weeks or months.             Attivo

               Networks has developed an innovative deception-based solution to tackle the issue of
               exposure time head on. The Attivo ThreatDefend™ Deception and Response Platform




                   18    Cyber Defense eMagazine – December 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.