By Lou Manousos, CEO, RiskIQ
Everyone uses the internet, both the good guys and bad guys. In the ongoing chess match between businesses expanding their digital presence and the actors trying to exploit growing attack surfaces, those without access to automated internet reconnaissance, whether for bad or good, are at a tremendous disadvantage.
As companies continue to invest in digital transformation initiatives that improve customer engagement and enhance their products and ecosystem, cybercriminals take advantage of vulnerabilities and lax security oversight across a business’s web, social, and mobile assets. We define the cyber threats related to their digital presence as ‘digital threats,’ a separate class that requires a fresh approach. In response to this new type of threat, organizations should be investing in digital threat intelligence and protection mechanisms that address security outside the firewall.
Successful threat actors are building internet-scale digital-threat campaigns that can overwhelm defenses—state-sponsored attacks are rampant, and every three minutes, RiskIQ blacklists one mobile app, 300 phishing pages are published, and 43.5 malicious ads traverse the digital advertising ecosystem. For the good guys, this modern digital threat landscape moves too quickly for security teams to rely on manual processes and disparate tools, which cause security teams to be prohibitively slow, inefficient, and expensive. The time has come to embrace the power of a digital defense platform strategy, built on comprehensive internet data with the ability to map your digital attack surface, monitor it, and anticipate and counter this growing class of threat before it can impact customers.
A digital threat management platform boosts cyber resiliency with fewer resources and can even help teams manage their attack surface in-house—savings which can make a strong cost-justification case to any C-suite. Two simple benefits of a digital threat management platform are the speed and precision at which they help security teams operate, advantages that not only boost cyber resiliency but also reduce expensive security team manhours. Savvy and experienced IT management teams know that a reduction in hours reins in department expenditures and frees skilled employees for additional tasks that protect the business and reduce its attack surface.
A platform approach can save time in a multitude of ways. For example, a team not using a digital threat management platform might deal with a daunting amount of data from various sources, requiring a large group of analysts logging long hours to make sense of it. However, by ingesting and analyzing data from several sources, a platform can drastically reduce the volume and increase the relevance of the data delivered to them, providing insights that can help them more efficiently triage alerts.
Speed is the other critical factor. A team managing a company’s brand against fraudulent social media accounts, phishing sites, and fake mobile apps needs to be able to identify, locate, and act on these external threats as soon as they’re stood up. Unfortunately, with multiple people using multiple tools, time may be wasted, or worse, threats could be missed altogether.
Cyber adversaries rotate domains in less than five minutes, and by the time this team could piece the data together, it would be too late.
However, with a platform, once an issue is found, the team can do the same amount of work in far less time, identifying characteristics of the attacker’s infrastructure, such as IP addresses, domains, and security certificates to find and mitigate the source of the attack and proactively address future ones.
The justification for traditional cyber defense tools typically starts with their ability to prevent material damages associated with a potential data breach, but for new digital threat detection and mitigation technologies, time to respond, threats pre-empted, and time saved on investigations and takedowns can shave thousands, or even millions of dollars off of security spend.
When integrating some new security technologies, if you’re not looking holistically at the threat landscape and considering a platform approach, reducing the time to respond to threats, exploits, and cyber adversaries is difficult (if not impossible) and can lead to IT department budget overruns.
To further explore the return on investment (ROI) a digital threat management platform- based approach can deliver, Frost & Sullivan released “The Digital Threat Management Platform Advantage: Justification and Resource Optimization” report. The report established a Cyber Resiliency Framework businesses can use to properly invest in and build a digital threat management program that defends their attack surface in the face of mounting external threats.
To ensure your company’s digital threat intelligence and protection mechanism is effectively addressing security outside the firewall, make sure it provides the following elements:
- Defend (continuously improve cyber protection platform, harden defense tools)
- Prepare (intelligence-led assessment of systemic vulnerabilities, cyber drills/simulation exercises)
- Absorb (ability to detect breaches/prevent attacks if possible, always on standby for next attack/breach)
- Recover (reducing the time to respond, knowing how to respond, organization-wide stakeholder involvement)
- Adapt (enhancing organizational cybersecurity consciousness, applying lessons learned)1
Don’t hesitate; organizations can no longer expect to be spared by the current waves of internet-scale cyber-attacks. Whether you’re modernizing your digital threat management program or just starting one, your organization must be able to scale its defenses cheaply and efficiently, which can only be done with a digital threat management platform.
1 “The Digital Threat Management Platform Advantage: Justification and Resource Optimization,” Frost & Sullivan, Jarad Carleton.
About the Author
Elias (Lou) Manousos, CEO and Founder, RiskIQ.Elias is a recognized expert in Internet security and fraud prevention. He has been developing and delivering enterprise protection technologies for more than 15 years. As CEO of RiskIQ, he has spearheaded a new approach that helps the Internet, financial services, healthcare, media, and consumer packaged goods companies protect their brands from online fraud. Elias is also co-chair of the Online Trust Alliance (OTA) Anti-Malvertising Working Group. Visit him online at www.riskiq.com