Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

RiskIQ Helps Organisations Achieve Digital Risk Protection Maturity Outlined in Independent Research Report

November 2017 by

RiskIQ
announced that the company believes that its approach to automating attack surface
reduction and targeted attack protection aligns to technical guidance offered in
Forrester Research’s new November 2017 report, “Assess Your Digital Risk
Protection Maturity.” To address the increase in web, social, and mobile external
threats, the new Forrester Digital Risk Protection Maturity framework was designed
to help enterprises identify gaps and next steps toward mitigating digital risk with
the appropriate oversight, people, process, and technology.

As companies continue to invest in their digital presence to better engage with
customers and enhance their products and ecosystem, they often lose sight of the
inherent risks of this digital business transformation. Cyberthreat actors are
taking advantage of lax security oversight across a business’s web, social, and
mobile assets. Without proper governance and technical controls, an organisation’s
operations, employees, consumers, and brands are susceptible.

The Forrester report asserts that too many companies are underprepared and
ill-equipped, with major strategic and operational gaps in their digital risk
protection (DRP) efforts. In large part, this is because:

 Digital business is intensifying risk faster than companies realise. As digital
footprints expand, organisations suffer increasingly severe brand, cyber, and
physical risk events that disrupt business and strain customer relationships.

 Security and risk teams underestimate their own digital risk exposure. Security
teams neglect their external digital brand presence and critical digital assets,
concentrating instead on more traditional security functions like network, data, and
device security.

 Poor data access and risk analytics create blind spots. Major visibility gaps
persist at even the largest companies, and the consequences for poor digital risk
visibility can hit companies hard.

 Lack of accountability leads to disjointed processes and ineffective response.
Ownership of digital risk management is split among multiple teams (marketing,
legal, security, risk, fraud, etc.), if it’s in place to begin with. This can
cause operational gaffes [1]

According to the Forrester report, “From massive botnets to frequent account
takeovers, brand impersonations, and continued weaponisation of social, mobile, and
web channels, security and risk pros are inundated with new digital risks. Rapid
proliferation of digital channels generates a massive, chaotic digital footprint, a
burgeoning digital attack surface, and diminished control to protect critical
digital assets and channels.”[1]

Forrester says that a company’s “digital risk protection objectives must shift
to address digital risk from prevention to detection and response.” The three
steps to achieving this include:

 Map the firm’s external digital footprint. To make sure you’re covering the
entire breadth of your company’s digital risk, you’ll have to discover every
external digital touchpoint, mention, and affiliation linked to your company,
products, assets, and people.

 Monitor for indicators of attack, compromise, and abuse. Once you know what your
legitimate digital footprint is, you can begin to monitor digital risk.

 Mitigate risk events by initiating response plans, takedowns, and remediation.
When a digital risk event is detected, take swift action based on the type of
digital risk you’ve discovered. [1]

Among the four digital risk protection capability domains referenced in the report,
Forrester notes: “Technology enhances techniques to analyse data and automate
mitigating actions. This domain describes the technical capabilities to access,
aggregate, and analyse data from disparate digital channels and other sources to
discover and monitor a firm’s digital risk exposure. It also details the
capabilities to detect, measure, and mitigate digital risk events using advanced
risk analytics and process automation.”

In Q2 2017, RiskIQ research revealed:
· 32.6% increase in phishing-related advertisements compared to Q1
· Nearly 90,000 newly observed blacklisted mobile apps compared to Q1
· 39,320 unique phishing domains against 316 targeted brands
· 1,978.9% increase in redirections to phishing pages
· 845.9% increase in scam detections
· 22% increase in malware binary injections
· 58.1% increase in scareware and browser lockers

RiskIQ helps organisations accelerate technical capabilities and progress their
digital risk maturity through its enterprise-class Digital Threat Management
Platform - a SaaS-based threat intelligence and integrated application suite that
addresses broad digital risks across web, social, and mobile channels. RiskIQ
provides the insight, automation, and protection needed to understand digital
footprint exposures, expedite threat investigation and monitoring, and pre-empt and
protect against targeted external attacks.

“Cyberthreats, data privacy and business reputation have reached the boardroom
where the CIO must demonstrate due diligence and investment towards reducing digital
risk. Operationally, this means empowering security with resources and capacity to
execute a digital threat protection strategy,” said Lou Manousos, CEO and founder
at RiskIQ. “RiskIQ extends security outside the firewall by delivering the insight
and automation necessary to efficiently identify, understand, and protect against
external threats.”

[1] Forrester Research, Assess Your Digital Risk Protection Maturity, Nick Hayes,
Chris McClean, Trevor Lyness, November 2017.


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts