Attack Detection vs Disruption
Unlike CCTV, which often requires manual monitoring and response, an acrylic mirror provides deterrence without the associated costs and complexity. Psychological studies suggest that mirrors can subtly influence human behaviour, often positively. Data indicates that a simple mirror is effective in the case of bicycle theft.
Many commercial off-the-shelf (COTS) security products and services, whether Security Information & Event Management (SIEM) systems or Managed Security Service Providers (MSSP), are similar to CCTV operations. Both rely on some form of logic to determine whether certain events are harmful or not, then on a human layer to further assess & react.
Whether the approach is traditional, where experts maintain detection rules, or based on machine learning that predicts from known or prior datasets, issues related to alert fatigue and talent shortages persist.
So what is the equivalent of that mirror in Cyber Security, such that we disrupt attacks without the high cost, complexity & SLOW human reaction?