Get in Touch Close Menu

Digital Risk Protection

Frequently Asked Questions

1. What is digital risk protection?

Digital risk protection (DRP) scans an organisation’s publicly visible attack surface, including social media and deep and dark web, to mimic the reconnaissance phase of an attack. It helps organisations to understand what an attacker sees externally.

2. What are the critical components of effective Digital Risk Protection

To effectively protect an organisation against external threats, three components need to be incorporated into the Digital Risk Protection process, and they include:

i. Collection

Collecting this information, in bulk, and frequently is a full-time job for a specialist team. Unfortunately, to stay ahead of attackers – this needs to be done regularly – which requires automation.

ii. Curation

From the aggregate data set curation is crucial to isolate relevant threats and determine what risk they pose. Where DRP is using machine processing and algorithms, these solutions can often score to improve relevance, reduce noise and prioritise issues.

iii. Mitigation

DRP is nothing without an effective mitigation process. Whether this is issuing take-downs to ‘near to’ domains or changing leaked email addresses and credentials, it is important that security teams use the information effectively.

3. What do Digital Risk Protection solutions protect the misuse of?

Digital risk capabilities have a number of use cases:

Domain Monitoring

The reliance on websites to sell products and grow brand awareness is significant. Unfortunately, web sites and their associated domain names provide a vast and lucrative surface for attacks. This can result in cybercriminals acquiring ‘look-alike’ domains with a view to targeting specific organisations. There are several ways in which an attacker can target organisations, these include:

Copycatting: a website that mirrors your existing domain; visitors are tricked into believing they are interacting with a legitimate website.

Piggybacking: Spoofed or look-alike domains of well-known brands, generally used to generate revenue from adverts.

Typosquatting and Homoglyphs: Typosquatting is a method that targets users who visit a website and do not notice that there are misspellings in the URL. For example; www.saphire.net rather than www.sapphire.net. A homoglyph is another variant of domain spoofing however a character of the URL is replaced with a unicode character that looks similar to a character from the Latin alphabet.

Executive Protection

Cyber attacks are often tailored to target a specific individual within an organisation. Executives, VIPs and other high-value targets are highly targeted with attacks through methods such as social media impersonations, account take-overs and business email compromise.

Social Media Visibility

Social Media is increasingly used as a way of communicating with customers and employees, and as a platform for organisations to grow their brand. As a result, the adoption of social media has resulted in an increase in the attack surface of organisations. Brand protection is paramount for any organisation and traditional security tools do not necessarily offer visibility into public platforms.

Account Takeover Prevention

Attackers will look to bypass corporate controls and as such target the social media administrator accounts. The impact of this type of breach can be significant. Safeguarding corporate and executive/VIP accounts is vital.

Data Leak Detection

Cyber criminals will use the deep and dark web to sell or leak stolen data. The ability to have visibility of the deep and dark web to monitor any mention of brand, executives or high-value targets is essential:

  • Identify credential theft
  • Identify data breaches
  • Protect customer data


Targeted Phishing

Phishing attacks are becoming increasingly sophisticated. Tactics such as Business Email Compromise (BEC) and fake-giveaways are rife with many users being susceptible or ‘click prone’. Deploying solutions that can identify phishing links coupled with effective phishing testing, training and awareness solutions can protect against digital threats.

Impersonations

Spoofed domains, impersonated email accounts and fraudulent profiles on social media form an organisation’s digital attack surface. Attackers use the platforms to launch sophisticated campaigns including:

  • Phishing attacks
  • Fraudulent activities targeting clients
  • Social engineering attacks
  • Sell or share data