Deception Technology: Maximizing the ImpactA CISO Offers Insights on Need for Systems Integration Approach
Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.
See Also: Move Beyond Passwords
"A deception technology rollout should be thought through like a war game," Tewari says. He advises organizations to start out small, focusing on inserting layers of defense around one or two "crown jewels" of sensitive information and integrating deception tech with SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation and Response) "to get the right benefits."
In a video interview with Information Security Media Group, he also offers insights on:
- The difference between a honeypot and deception technology;
- How artificial intelligence and machine learning help in deception technology rollouts;
- Deception technology deployment scenarios during the COVID-19 pandemic.
As the global CISO at HCL Technologies, Tewari oversees the strategic development and implementation of information security processes and frameworks. Over the last two decades, he has worked for Fortune 500 companies, including serving as the practice head for managed cybersecurity services and risk management services at CSC and in various other roles at IBM, GE, and Convergys.