adarma_logo_twgt-black[11615449]
adarma_logo_twgt-black[11615449]
Assessments
All Cybersecurity Assessments

Improve security maturity and capability while reducing risk
Cyber Maturity Assessment

Define, measure and improve your security posture
SOC Maturity Assessment

Understand and improve the capability and maturity of your SOC
SIEM Assessment

Your roadmap to increase the performance and value of your SIEM
Crisis Simulation Assessment

Stress-test your organisation’s cyber response capability

Latest Insights

Cyber Insiders is a cybersecurity podcast by Adarma.
Podcast
Nov 2

Cyber Insiders Podcast: Liz Banbury on Safeguarding Critical National Infrastructure
Threat Intelligence Exposure Management
Detection & Response
Managed SOC

Delivering today’s capability, while staying adaptable for tomorrow’s threat
Microsoft MDR Solution

Maximise the potential of your Microsoft E5 License
SOC Engineering

We help design, build, and integrate the security operations capability you need
Incident Response

Intelligence-led preparation, practice and real-world cyber incident response
Socket Platform
About Us
We Are Adarma

Your partner for effective cyber threat management
ESG

Protecting the promise of cyber resilience
Partners

Working in partnership to make the world a safer place
Careers

Become a Cyber Defender
Contact Us

Get in touch today
Insights
Cyber Hub
Cyber Insiders
News & Blog
SIEM Transformation
Future-Ready SOC Report
SecOps Excellence
Events
Share:
October 12, 2022

Cyber Insiders: Rob Black on Cyber Deception Techniques

In this episode of Cyber Insiders, we talk to Rob Black, director of the UK Cyber 9/12 Strategy Challenge and former Deputy Director of the UK’s National Cyber Deception Laboratory about how to develop a proactive cyber defence strategy and how strategies from the world of gaming can help us better defend our networks.

From planning multinational naval operations, combating piracy to lecturing on integrating cyberwarfare into military operations and the use of social technologies, Rob has a unique cybersecurity background that began in the MoD, before working with the Combined Maritime Forces in Bahrain and then into academia.

Rob’s areas of expertise include cyber deception, threat analysis, counterterrorism, cyber resilience, and cyber warfare. He’s a strong advocate for taking a proactive approach to cybersecurity.

According to Rob a proactive cyber defence strategy is one that recognises and anticipates that at some point there is going to be an engagement with the adversary. As the old adage goes, if you want peace you must prepare for war.

While it’s key that organisations build a strong defensive cybersecurity framework, Rob believes organisations should also consider the various ways they can engage with their attacker to deter them from their nefarious goals.

“A proactive cyber defence strategy is quite simply a strategy that recognises there is going to be an engagement with the adversity at some point” he explains. Not only do cybersecurity teams need to be prepared to engage with their adversary’s technical capabilities, but they also need to understand and be ready to engage with their mind, he adds.

By mapping out the attacker’s thought process and motivations, organisations are better placed to deter attackers and deal with intrusions before they escalate – essentially push them to “rage quit” or simply be deterred into backing away.

Citing game developers as an example, the designers mapped out levels with increasing difficulty to push players to “rage quit”, “for me that’s really interesting because that is shaping their ability to understand, respond and behave through the virtual domain.”

“That doesn’t come across in cybersecurity and I think there’s a real scope to bring that in,” he adds. “How can we influence our attackers and make them consider whether they want to proceed or get upset by the proceedings?”.

“There’s a lot we can do beyond the traditional defensive mesh. We need to bring that human element back. If you think cyber defence is just a technical process or you’re seeing it as just a strategy to think about the implementation of technology, stop, pause, bring it back and think about how we can bring the cognitive development back in the decision-making process and how we can use that to our advantage.”

Like a military mindset, organisations should plan and adapt their activities. In military planning, leaders understand that their troops are under threat of attack and therefore take measures to manage those interactions.

In terms of cybersecurity, Rob explains that our external defences also shape our internal defences and that if our network is breached there is scope to influence the attacker’s expectations of what they will encounter once inside our systems. If we can sow the seeds of doubt in the attacker’s mind, Rob says, we can slow down their decision making and progress through the network making it harder for them to achieve their goal and affording cybersecurity teams more time to detect, contain and eliminate intruders. “Those are areas where I think we can really start experimenting and playing with shaping their [the attacker] understanding of what’s going on. That moves us onto the front foot rather than just bracing for an anticipated attack.”

To learn more about cyber deception, cyber deterrence, and the importance of cognitive abilities in cybersecurity listen to the full podcast here.

You’ll hear more about the pressing need to rethink how we treat those on the cyber frontline and about lessons the world of cyber can learn from adopting a military mindset.

Related Posts

Explore all
Podcast
Nov 2024

Cyber Insiders Podcast: Liz Banbury on Safeguarding Critical National Infrastructure

Blog
Oct 2024

An Introduction to the Cybersecurity Landscape for Retailers

Blog
Oct 2024

Adarma’s Commitment to Sustainability: Improved EcoVadis Scores in 2024

Contact Us