Kevin Fiscus is an information security expert with over 30 years of IT experience, over half of which has been focused exclusively on information security. He is the founder and lead consultant for Cyber Defense Advisors where he performs security and risk assessments, vulnerability and penetration testing, security program design, policy development, and security awareness. His is also the founder of Deceptive Defense where he focuses on the design and implementation of cyber deception technology.
In addition to his consulting work, Kevin is a Principal Instructor for the SANS Institute where he teaches SEC540 - Hacker Techniques, Exploits and Incident Handling, and SEC560 - Network Penetration Testing and Ethical Hacking. Kevin is also the author of an upcoming class on cyber deception.
Kevin currently holds several security certifications and is proud to have earned the top information security certification in the industry, the GIAC Security Expert. He has also achieved the distinctive title of SANS Cyber Guardian for both red team and blue team.
Abstract: Take Back the Advantage with Cyber Deception
As an industry, we are failing. We fail to keep attackers off our network and we fail to detect them when they gain access. According to the 2020 Ponemon Institute Cost of a Data Breach study, it takes organizations an average of 207 days to detect an attack and another 73 days to effectively contain these breaches. The same report showed a direct correlation between the time it takes to detect and contain a breach and the cost of that breach. Putting it simply, faster detection results in lower costs. So why does it take so long to detect and contain breaches and what can we do to fix the problem?
Imagine if you had a high fidelity, low noise detection solution that is easy to deploy, easy to manage, generates virtually no false alarms and facilitates the collection of detailed attribution and threat intelligence data. Does this sound too good to be true? It isn't. In this talk we will tackle the topic of cyber deception and deception technology. You will understand what it is, why it works and how you can start implementing it at virtually no cost. If you are concerned about your ability to quickly and accurately detect attackers on your network, this is the talk for you. Join us as we take back the advantage.