Lockheed Martin’s Intrusion Kill Chain model describes seven stages an intrusion passes through, from early reconnaissance to the final actions on objectives: data exfiltration, data destruction, or some combination of both. The Kill Chain model is a polarizing one in the information security world. Some love it (particularly threat hunters and intelligence people), while others have found plenty to criticize about its usefulness in day-to-day security operations. But whether you like it or hate it, the Kill Chain model does offer a useful taxonomy for the different components of an intrusion. …
There’s a lot of chatter and confusion about cyber deception these days: what it is, what it isn’t, and where it fits into cybersecurity practices. And there’s no shortage of startups getting into this emerging space. But after peeling back the buzzwords and tech talk, deception is a simple concept. Elegantly so.
Classically, deception has been the domain of militaries, intelligence agencies, and espionage. But it has a place in the cybersecurity world, too (and not just honeypots). For the do-it-yourselfers out there, deception in the cyber domain can be a strong complement to existing IT security measures, especially SIEM and IDS. …
A full-scale war fought within the cyber domain might be “quieter”, but that doesn’t mean such a conflict would be any less disruptive — or deadly.
Land, Sea, Air, Space, and Information — the five domains of war. Currently, cyberspace — a heavily contested region of our world and society — is still in an antebellum period. We’ve seen large attacks before, like those against Estonia, Sony Pictures, and the UK’s National Health Service, but these were regional, localized, and in the case of Estonia, only one part of a larger aggression.
Cyber attacks have jumped the boundary from the virtual world to the physical world, causing real kinetic damage along the way. The Stuxnet sabotage of the Iranian nuclear program is the best-understood example of this crossover. State-sponsored malware, initially introduced on USB thumb drives, spread through Windows hosts to reach Iranian PLCs (programmable logic controllers). These PLCs controlled the centrifuges Iran used to enrich uranium (raising the proportion of fissile U-235 in the material). The malware reprogrammed the PLCs to alter the speed at which the centrifuges spun, destroying roughly a thousand of them. The Arab Spring is another example in which an event inside cyberspace (in this case, the leaking of US diplomatic cables) helped spark massive civil unrest and destruction in the real world. …