Denial, Deception and Drinks: Building a Cyber Deception Maturity Model

Описание: This session of Denial, Deception, and Drinks is a conversation around building a cyber deception maturity model. Listen to roundtable participants from Attivo, CounterCraft, University of Albany, and MITRE as we discuss why we need a cyber deception maturity model, common misconceptions about maturity requirements, the cost of employing deception, and other general musings.

Have questions for any of the presenters? Reach out to us at [email protected] and we’ll pass your questions along.


Resources highlighted by the speakers during the roundtable:

Know Your Enemy Series by the Honeynet Project:
https://www.honeynet.org/category/kye/

SANS SEC550:
https://www.sans.org/cyber-security-c...

Tularosa Study by Kimberly Ferguson-Walter et al:
https://www.osti.gov/biblio/1524844-t...

Shrinking Your OODA Loop via Deception by Tony Cole:
https://www.attivonetworks.com/blogs/...

Intrusion Detection Honeypots by Chris Sanders:
https://chrissanders.org/2020/09/idh-...


About the Speakers:

Dominick Foti
Dominick is a current Information Science Doctoral Student at SUNY, The University at Albany. His areas of research include misinformation and disinformation, cyber active defense and deception, and behavioral aspects of cybersecurity. Before beginning a career in academia, he spent 5 years in the domain of cybersecurity as both a cybersecurity analyst at Advanced Publications and consultant with PwC, advising Fortune 500 companies in building an effective and risk-oriented cybersecurity strategy. Dominick looks to continue to push the bounds of research in cybersecurity to find innovative and unconventional ways of fighting against cyber adversaries. When he is not researching or teaching, Dominick can be found chasing snow with his skis in the winter, or hiking and mountain biking in the NY Adirondacks during the summer.

Gabby Raymond
Gabby is the Capability Area Lead for Adversary Engagement at The MITRE Corporation. She has helped define and mature MITRE’s adversary engagement work in research, operations, and tool development.

Kevin Hiltpold
Kevin has over 27 years of experience consisting of network and security operations, consulting, and pre-sales engineering. He has worked for Fortune 500 Internet companies (America Online and Time Warner Cable) and as a contractor for the Federal Government (FEMA and Coast Guard). Like most seasoned security professionals, he is a jack of all trades and master of some. He has held his CISSP for 16 years and achieved multiple SANS GIAC certifications including GCFA (Forensic Analyst) and GCWIN (Windows Security) as well as multiple SIEM industry certifications. Kevin currently works at Attivo Networks, the experts in lateral movement detection.

Richard Barrell
Richard is the Head of Product at CounterCraft, as well as managing strategic projects in multiple industry and government sectors. You can find him on LinkedIn:   / richard-barrell-99852a  

Sanjay Goel
Sanjay is a Professor and Chair of the Information Security and Digital Forensics Department in the School of Business and the Director of the NY State Center for Information Forensics and Assurance. He is also the Director of the Digital Forensics BS and MS Programs at the University which he started. Dr. Goel received his Ph.D. in Mechanical Engineering from RPI. His research interests include information security, cyber warfare, music piracy, complex systems, security behavior, and cyber physical systems. His research on self-organizing systems includes traffic light coordination, smart grid and social networks. He is actively engaged in policy efforts on cyber security norms, CBMs, and cyber treaties.

Tony Cole
Tony is a cyber expert with over thirty-five years of experience as a strategist, risk expert, advisor, and board member. Today, he’s the CTO at Attivo Networks, the global leader in identity detection and response, providing an innovative defense for protection against identity compromise, privilege escalation, and lateral movement attacks

Prior to joining Attivo Networks, Mr. Cole held executive positions at FireEye, McAfee and Symantec. He’s retired from the U.S. Army, where he worked in intelligence, communications, and cryptography around the world including building out the Network Security Services at the Pentagon. Mr. Cole served previously on numerous boards and government committees including (ISC)² Board of Directors as Treasurer and Chair of Audit and Risk, the NASA Advisory Council under appointment by the NASA Administrator, and the FCC CSRIC (Communications Security, Reliability, and Interoperability Council).

©2022 The MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited PR_21–01759-25