A cyber threat detection and deception system interoperates synergistically with a data storage management system. As a proxy for identifying crown jewels among many and diverse data assets in a network, the illustrative cyber threat detection and deception system uses service level information obtained from the data storage management system, e.g., RPO, RTO, append-only secondary storage, synthetic-full frequency, etc. The cyber threat detection and deception system emulates proprietary protocols used by storage management technologies such as the data storage management system, etc. By creating emulation traps and an emulation lexicon of these storage-related protocols, the illustrative cyber threat detection and deception system can create and execute cyber deception plans for the proprietary storage management assets. Synergistically, the illustrative data storage management system is configured to respond to alerts and react to other information received from the cyber threat detection and deception system by taking certain corrective and/or protective actions.