David Brown is responsible for all revenue generation processes in the organization. He’s charged with ensuring tight integration and alignment between all revenue-related functions, including Marketing, Sales, customer support, and pricing and revenue management, as well as strategic oversight for long-term profitable revenue generation. An accomplished and enthusiastic sales and business leader with 20+ years’ international sales management experience, David is well-versed in taking companies through rapid scale-up and into IPO or trade sale. David has worked with global organizations in a variety of industries including Cybersecurity, Financial Services, Utilities, Energy, Petrochemical, Oil & Gas, Power, Pharmaceutical, and Manufacturing. With an innate ability to get to the core of issues quickly, David works hard to bring value to everyone and every situation. He strives to achieve “best for all” solutions and his approach to tough business challenges is always both logical and human focused. We talked to him about Deception Technology.
Could you first describe to us who is Countercraft and what’s your product?
CounterCraft provides actionable threat intelligence in real time using deception technology. Unlike comparable technology, which takes up to 270 days to provide threat intelligence that requires an analyst to determine if it’s relevant or not, CounterCraft delivers intelligence generated by your adversaries, in real time, that enables you to implement remediation immediately.
So, it is about ‘deception technology’. Not yet the most familiar term in context of cybersecurity. Why is it becoming a must-have from your point of view?
Deception provides actionable intelligence in real time, with zero false positives, connected to your existing systems to allow automated remediation. It can be deployed across any network, on premise, in the cloud, across air-gapped networks and at speed.
What is a misconception people have about cyber deception?
That it is just honeypots. Our solutions go far beyond the 1980s term honeypot, creating sophisticated systems that the world’s top governments and businesses use.
We can build a deception farm outside your network that is representative of an organization like yours, and then advise in real time, in a machine-readable format, where your attackers are coming from, who they are and what they are attempting to do on a system like yours.
Or we can divert an adversary away from your network and into a “digital twin” deception environment where we can study their behavior and report back. We then deliver actionable intelligence in seconds that will tell you who they are, where they have come from, where they have been previously on your network, and what scripts they have run while in the deception environment. It is possible to isolate your adversary in this environment for months whilst you study their behavior in safety — or collect all the information you need to generate a CVE in less than 1 business day.
More than 90% of our solutions are delivered in 30 days or less, unlike comparable solutions that can take 12 months to deploy, and even in that time only reaching 80% of your network, leaving the typically valuable systems in the remaining 20% vulnerable.
Do you have a recent result your clients have had that has impressed you and works as an example for your solution?
Yes, we worked with Red Eléctrica, the Spanish utilities company, and they contracted CounterCraft with the goal of detecting threats before they breach the network. Our team created a physical communication rack that mimicked their real electrical substation. Within just a few minutes after connecting the substation to the Internet, attacks began. However, these brute force attempts against the VNC, switch telnet and the web portal were all noise coming from automated access attempts, which CounterCraft was able to filter out. In less than two weeks, a high priority alert came through, easy to distinguish from a low-level automatic attack thanks to CounterCraft’s sophisticated technology. They said our technology was the best way they have to know the attacks they might be under and prevent them. That case study is available here: https://www.countercraftsec.com/landings/red-electrica-detects-ot-attacks-with-deception/
More in general: what is the most popular use case for your technology?
We have 40+ use cases for our technology, with tailored campaigns ready to go. That said, we provide unique-to-market solutions for impossible issues like insider threat, lateral movement, and cloud network security.
Which companies should look into your solution and how to get in touch with Countercraft the best way?
We offer solutions to the toughest problems faced by industries like OT, manufacturing, government, retail, telecoms and healthcare. Any company with a dedicated security team should be employing deception. To reach us, please head to https://www.countercraftsec.com/contact/.
Thank you, for the interview!
Please remember: This article is based our knowledge at the time it was written – but we learn more every day. Do you think important points are missing or do you see the topic from a different perspective? We would be happy to discuss current developments in greater detail with you and your company’s other experts and welcome your feedback and thoughts.
And one more thing: the fact that an article mentions (or does not mention) a provider does not represent a recommendation from CyberCompare. Recommendations always depend on the customer’s individual situation.