CrowdStrike boss explains offensive security in targeted attacks

[InfoSec News <alerts () infosecnews org>]

http://www.cso.com.au/article/433128/crowdstrike_boss_explains_offensive_security_targeted_attacks/

By Liam Tung
CSO Online (Australia)
09 August, 2012

Data forensics are not enough for security pros looking to fend off 
targeted attacks, according to CrowdStrike chief and co-founder George 
Kurtz, who says companies want to take the fight to the adversary.

Defence, detection and details are not enough, Kurtz tells CSO.com.au, 
claiming companies are increasingly demanding “deception, denial, 
disruption”.

“They’re moving more into the government mindset of deception,” says 
Kurtz, pointing to a hypothetical theft of the Northrop Grumman’s B-2 
Spirit Stealth Bomber designs.

“Somebody breaks in and steals the plans, but if the plans are wrong and 
the thing doesn’t fly, think about the cost of that. Think about the 
scratching of the head that happens when you have that thing and ask 
‘Was it real or was it a decoy’?”

Kurtz is among those that fear the nation’s intellectual property is 
slowly but surely being drained by Chinese Government sponsored hackers, 
hell bent on undermining the US’s technological edge.

[...]