Today’s businesses are undergoing an accelerated digital transformation as a result of the pandemic: initiatives that would normally take years, such as supporting remote workstations and moving to new platforms, are being adopted far more quickly. The external digital landscape is also growing rapidly, and companies are increasingly forced to do business through non-traditional channels. This digital evolution makes companies increasingly vulnerable to attacks outside the network perimeter.
To identify and respond to today’s most pressing threats, security teams are investing in the operational capabilities of Digital Risk Protection (DRP).
Applying DRP effectively in your security program requires that you understand each use case as it applies to your organization. It is difficult to decide which DRP use cases to focus on for a particular sector and size, and to set priorities, as many threats overlap.
This article discusses the most common use cases:
- Domain monitoring
- Protection against takeovers
- Social network protection
- Executive protection
- Protection of trademarks
- Detection of data leaks
- Advanced email security
Domain monitoring
Domains are involved in several cyber attacks. They are easy to register, cheap and can come in an infinite number of variants. Threat actors create hundreds of thousands of fake domains every year and constantly improve their evasion techniques to make victims believe the domains can be trusted.
As malicious domains act as a catalyst for most Internet attacks, organisations run the risk of becoming victims of different types of threats. Look-alike domains can be used to create phishing websites, sell fake products or steal login details. Threat actors also use spoofed domains to carry out business email compromise (BEC), spread malware, and create lures for ransom.
It is difficult to eliminate the risk of a malicious domain because of the large number of potential threats and the requirements for mitigating them. Communication with registrars is of the utmost importance, as each of them has specific evidence requirements for taking a domain down. Security teams should use a combination of human expertise and automation to effectively identify, collate and mitigate threats in this area.
Social network protection
There is a huge amount of publicly available information on the internet that threat actors use to pose as organisations and their leaders on social networks. Fake accounts are easy to create and offer anonymity, making social platforms a much sought-after tool for reaching a target audience. Real photos, logos and personal information give credibility to the attacks and make it difficult even for security experts to tell fake accounts from legitimate ones.
Various forms of scams are committed on social platforms, including financial fraud, brand abuse, data leaks and cyber threats. Monitoring threats on social networks can be laborious, and it is difficult to remove suspicious accounts or messages without communicating with the platform and without sufficient evidence.
[Figure: Pay-per-view fraud on social networking sites]
Protection against takeovers
Threat actors use a variety of methods to gain control of online accounts and engage in fraudulent activity. The lack of visibility into external threat campaigns makes it difficult for security teams to detect such attacks, putting account holders at risk.
Attackers hijack accounts using various phishing schemes designed to trick account holders into handing over usernames, passwords and other sensitive data. These scams can take the form of phishing websites, copies of corporate websites, banking trojans and mobile campaigns such as phishing or SMiShing, and rely heavily on impersonation to convince the victim of their legitimacy.
[Figure: False PayPal website]
Protection of trademarks
Threat actors rely heavily on brand imitation to legitimize their attacks and abuse customer trust. Brand abuse can occur across all digital channels and can include virtually any form of threat. Look-alike domains, questionable websites and questionable mobile applications are common examples of brand threats.
Brand abuse can lead to irreversible reputational damage and damage to the value of the brand. Security teams must have visibility across all digital channels to identify brand references, and need processes to quickly separate real threats from false positives.
Detection of data leaks
Every business is vulnerable to data leaks, and the effect on the organisations concerned can be devastating. Although sensitive assets can be exposed through various vulnerabilities, employees are the primary cause of data leaks and thus the primary target of attackers.
Attack tactics that exploit employee error include email-based social engineering that pressures employees to disclose protected data, confidential documents or information in their possession. In addition to exposing data, threat actors steal information and leak small amounts of it on various platforms to extort a ransom.
To minimize the damage caused by data leaks, companies should implement detection processes that search all online data sources related to the company.
Executive protection
Executives are the target of several cyber attacks because of their high visibility and value. It can be difficult to detect threats to executives and effectively distinguish them from false positives, because attackers use a variety of attacks, including impersonation, account hijacking and physical harm.
[Figure: Fake profile linked]
Monitoring all online channels for suspicious content about executives is the key to reducing risk. Security teams must use automated analysis and human-verified information to quickly identify threats to executives and mitigate their impact.
Advanced email security
Email attacks remain one of the biggest threats to companies and their employees. Bad actors constantly improve their tactics, and many advanced attacks continue to evade security technologies.
One of the most effective methods used in advanced email attacks is business email compromise (BEC). BEC attacks can be costly because the attacker impersonates someone else to trick an employee into sending money or confidential information.
Proactive protection against current email threats includes the detection of look-alike domains outside the network to block spoofed URLs, as well as the detection and containment of external attacks that lead to identity theft.
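The look-alike domain detection described under domain monitoring and under email security can be sketched as follows. This is an added example, not code from PhishLabs or the original post: the protected domain, the feed entries, the small confusable table and the distance threshold of 1 are all constructed assumptions, and every input is assumed to be already reduced to `name.tld`.

```python
import unicodedata

# Constructed sample of look-alike glyphs; a production table would be far larger.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def skeleton(name):
    """Fold a label to a comparison form: drop accents, map look-alike glyphs."""
    s = unicodedata.normalize("NFKD", name)
    s = "".join(c for c in s if not unicodedata.combining(c)).translate(CONFUSABLES)
    return s.replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]

def classify(observed, protected):
    """Say why `observed` resembles `protected` (both 'name.tld'), or None."""
    try:  # decode punycode (xn--) labels so IDN look-alikes are compared as text
        observed = observed.encode("ascii").decode("idna")
    except UnicodeError:
        pass
    o_name, _, o_tld = observed.lower().partition(".")
    p_name, _, p_tld = protected.lower().partition(".")
    if o_name == p_name:
        return None if o_tld == p_tld else "tld-swap"
    so, sp = skeleton(o_name), skeleton(p_name)
    if so == sp:
        return "homoglyph"
    if edit_distance(so, sp) <= 1:
        return "typo"
    return "brand-keyword" if sp in so else None

# Constructed feed, e.g. newly registered domains or sender domains from mail logs.
FEED = ["examplebank.example", "examp1ebank.example", "exarnplebank.example",
        "exmaplebank.example", "examplebank.test", "examplebank-login.example",
        "weather.example"]

def triage(feed, protected="examplebank.example"):
    """Return {domain: reason} for every feed entry that needs analyst review."""
    return {d: r for d in feed if (r := classify(d, protected))}
```

Calling `triage(FEED)` returns the entries to send for human review; folding sequences such as `rn` to `m` will also flag some unrelated names, which is why the result is a review queue and not a block list.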
According to Gartner’s Emerging Technologies Report, the breadth of external use cases and the ability to support them in all organizations, regardless of size or maturity, require DRP capabilities. Security teams may find that only a few of these use cases apply to their organization, but as the external digital landscape evolves, it is important to reassess current DRP solutions and determine whether additional solutions are preferable.
*** This is a syndicated Security Bloggers Network post from Stacy Shelley’s PhishLabs blog. The original post can be found at: https://info.phishlabs.com/blog/top-7-use-cases-for-digital-risk-protection