Predictions: How Cyber Risks Will Evolve in 2022
Executive Summary

Digital Risk Protection (DRP) is the practice of protecting third-party cloud channels from various forms of digital threat.

As part of digital transformation initiatives, enterprise organizations are increasingly dependent on social and digital channels for everyday productivity, customer engagement, and growth.

With this dependency comes the need to secure these channels against unauthorized access, malware, phishing, data loss, compliance violations, or account compromise.

Digital Risk Protection processes aim to secure these channels and aid in managing risk in digital transformation.

For the modern enterprise, a robust DRP stance is an absolute necessity to secure the technology that drives business growth and revenue.

Cloud Apps We Protect

zoom logo

Digital transformation refers to the enterprise process of shifting from outdated applications, systems, and practices to more sophisticated, modern, and versatile business approaches and strategies. This seismic shift to digital is made possible by many advances in technology, particularly cloud computing.

Every forward-looking business is undertaking some degree of digital transformation and increasing their engagement on and with the cloud. Within every organization, social and digital cloud-based channels are now mission-critical, and used across multiple departments. These third party channels fall into two categories: 

External: Customer-facing growth channels

External channels are the channels that marketing, sales, and customer experience teams use to drive engagement and growth: social media such as LinkedIn and Facebook, mobile chat apps like WhatsApp and more.

Internal: Service platforms

Internal channels are those technologies that companies rely on for operational efficiency and agility: collaboration platforms like Slack and Microsoft Teams, and larger suites like Salesforce, Veeva CRM, and SharePoint.

These new cloud channels are how work gets done. Embracing them is a core part of digital transformation strategies. Without these cloud channels, a modern-day business is destined to get left behind.

The new suite of cloud-based channels are powerful and exciting tools. However, as they come to play a key role in digital transformation strategies and central business processes, they become digital transformation risks.
Email has long been a digital security risk and favorite attack point for cyber criminals, state actors, and other adversaries. It is a core part of enterprise security to secure email gateways. Marketing, sales, and intra-organizational communications still take place over email. But they have moved partially if not wholly over to the third-party cloud channels that are now crucial for both growth and internal operations.

The increased use of these external and internal cloud channels means that the organizational threat surface has expanded. This new surface spans a variety of new applications, each with its own demands and requirements. Every cloud channel possesses a different owner, reporting into a different line of business: CMO, CHRO, CIO, CRO, or CXO.
Departmental ownership is similarly split. For example, IT sometimes oversees Slack and Teams; HR is usually the buyer for Facebook workplace; Sales oversees Salesforce; Marketing oversees Instagram – and so on. This newly evolved threat surface introduces a new category of digital risk.
Today, third-party cloud channels are every bit as mission-critical as email. And they are every bit as threatened. Phishing research shows that organizations face social media attacks with approximately the same frequency as they face email spear-phishing and email BEC attacks.

Digital risks threaten not only the security of enterprises--they threaten the project of digital transformation itself. Organizations that want to fully embrace digital transformation need to embrace these cloud channels as rapidly as possible. But savvy security personnel can see their lack of visibility and control, and they have no choice but to insist that the company put the brakes on.

Security personnel donʼt want to be the “No” people. But unless they feel totally confident in their ability to battle modern digital security risk, they cannot greenlight a full-blown digital transformation project.
Malware-Malicious_Dark Cyber Threats
According to the FBI, malicious cyber activity accounted for losses exceeding $3.5 billion in 2019 alone. Cybercrime takes a variety of forms, but a common target of attack is the corporate digital cloud channel. Bad actors target these channels with malicious content, malware (including ransomware), spear-phishing attacks, hacktivist campaigns, and more. Just one successful cloud infiltration can be devastating. One ransomware attack can cost a company an average of $141,000 in damage and recovery.
Brand_Protection_Dark_RGB Brand Damage
Brand impersonation attempts, where fraudsters send spoofed emails posing as a real company, can do heavy damage. So can other kinds of social engineering campaigns, and digital sabotage in the form of piracy and counterfeit goods. Even malicious customer posts can result in brand damage, loss of revenue, and shareholder value.
Compliance_DarkCompliance and Risks
Major regulations (FINRA, FCPA, HIPAA) now require that citizensʼ personally identifiable information (PII) is protected. This regulation mandates the supervision and preservation of all forms of electronic communications. In turn, each industry has its own regulatory requirements. FinServ companies need to watch for promissory language; pharmaceutical companies need to monitor mentions of adverse events.
The velocity of digital communication makes establishing this kind of oversight a serious challenge, but failure can mean noncompliance, fines, and reputational damage. Today enterprises need a platform that can automatically enforce critical SaaS security controls to meet PCI, HIPAA, and GDPR requirements for access monitoring and control with out of the box mappings for SOC 2, ISO 27001, NIST CSF, NIST 800-53, and more. Not only has the threat landscape grown, but the number and extent of regulations for protection in that landscape is now unmanageable without automated policy enforcement.
Insider_Dark Insider Threats
76% of high-tech executives are concerned about insider threats. Across industries, every single year, billions of private records are breached. Almost 90% are compromised via insiders, both malicious and accidental. Outsourced service providers, contractors and consultants are common points of ingress or egress. Disgruntled former employees can also do a lot of damage.

Beyond the Perimeter

As businesses undergo digital transformation, the attack surface expands well beyond the perimeter. Traditional perimeter-based defenses still have their uses. But their coverage canʼt extend to where digital communication channels and social media platforms are. Companies are facing a new and increasingly challenging digital risk landscape. Why? Because of fundamental shifts in the nature of cybersecurity.


The Internet is Too Big

In the past, you had a demarcated area which you patrolled and policed. You had your IT infrastructure to worry about, and that was it. But now, you have to worry about the entire internet. All the platforms and channels your enterprise utilizes, and all the individual users out there interacting with various areas of your digital footprint, are now, in effect, part of your enterprise, because armful or noncompliant content, for which your enterprise is responsible, could be
lurking anywhere.

On a fake Facebook page you donʼt know about; in the private messages of a wayward employee; deep in a forum - all these dark places must be brought to light; you have be able to see before you can control. Traditional security tools have no way to cast their net far and wide enough to scan all of cyberspace for possible digital transformation risks. They simply canʼt do it because they were not built for this purpose. Properly mitigating digital risk means having a holistic view of everything occurring with an enterprise's digital sphere. Without dedicated tools purpose-built for the new threat landscape, this is impossible.

Cloud Platforms Have Inherent Visibility Issues

When all enterprise communications happened within the perimeter, there was no visibility challenge. Intranets could be scanned, internal communications could be checked. Companies could be sure that there was oversight on all, or at least most, of the important communications their staff were involved in.
CASBs will log traffic or control access to enterprise clouds, but more advanced intelligence is hard to gather. Too often, a vast amount of a companyʼs digital footprint is simply invisible to the teams who are meant to be responsible for it.

Teams need to institute a fully configurable policy engine that can oversee, capture and preserve a complete digital record of communications to an archive in order to mitigate digital security risk. But they canʼt even see, let alone act on, what is going on in the third-party cloud channels where their company’s teams are spending a huge part of their day. And they donʼt own any of the data being produced in those channels.


Human Intelligence Canʼt Keep Up

Already, human security teams are making serious compromises in order to keep up with the flow of digital data they are meant to police. We see this with the practice of sampling.

Risk and compliance teams cannot possibly review all of a given set of digital communications; there is simply too much data, and not enough bodies to trawl through it all. So what do they do instead? Rather than assessing 100% of communications, they assess 7-10% of them. Then they extrapolate the findings from this 10% out to the other 90%.

While this has a certain logic, it is an incomplete and even dangerous way of supervising communications. Similarly, traditional security controls are often based on patterns, signatures, or heuristics. When a new attack signature, virus pattern or file-hash is detected, there is a certain time-lag between the initial discovery and the required system update. Often, human workers manning these systems are too slow to respond. They are moving as fast as humanly possible, but they would have to be superhumans to keep up with today’s data tsunami.

For example, one of our customers produces between 40,000 to 70,000 Slack messages every day. For a global pharmaceutical company, a regional sales team of 450 people generated over 116,000 WhatsApp messages in a single month.

Only AI-driven digital risk solutions can perpetually monitor every relevant digital endpoint. Only an AI-driven digital risk solution can institute detection policies that reliably capture every concerning event in line with customizable policies.
Modern digital risk protection requires a comprehensive solution that can scale beyond human abilities in both reach and governance. It requires the data aggregation and recall, lightning-speed data processing, and instantaneous decision making of machine-powered systems.
The key problem is this:
In the modern era, an enterpriseʼs digital life takes place outside of its IT infra-structure. Sales, marketing, and other business-critical activities now happen in the digital space, and well outside of the traditional security perimeter.

Once upon a time, companies established a perimeter, with firewalls and authentication systems and so on, and that was that. Their online presence is divided across numerous channels and accounts that are not in their control. Such a state of affairs makes it very difficult to maintain visibility or maintain control into an enterpriseʼs entire digital footprint. Add to this scenario employees at all levels using their personal phones for business, and you have a data governance nightmare.

The digital front remains unrestricted, unmonitored, and unmanaged. Gaining the visibility required for true governance and policy enforcement is impossible without tools purpose-built for this new frontier. Fraudulent or fake channels and accounts can proliferate, without the organization even knowing it. Itʼs impossible to stop what you canʼt see.

When your enterprise security is reliant on external, unregulated channels, you have a problem. The data and intel necessary for managing risk in digital transformation and staying secure and compliant is not within your sphere of influence.

The Future of Digital Risk Protection

Effective digital risk protection is not just about security. By ensuring security, digital risk protection supercharges processes that are tied directly to growth. Digital channels are the modern drivers of revenue, R&D and customer engagement.

When enterprise security teams possess the digital risk solutions they need to get visibility over the whole infrastructure including the new threat surface, they can say to teams: Go ahead. Move fast, go mobile-first, download the apps you need.

According to Pricewaterhouse Coopersʼ 2020 Global Digital IQ report, only 5% of companies are successfully undertaking digital transformation. One of the four key things that distinguishes these “Transcenders” is that they are able to build resilience.

The future is here, and it is rife with new forms of digital risk. Resilience is impossible to build without a structured and robust system of dealing with a new generation of cyber concerns.

But all is not lost. Where there is challenge, there is opportunity Once enterprises can gain the required visibility and controls, they can leverage digital risk protection as a new driver of digital transformation. Policing the complete digital threat surface becomes not just a defensive tactic, but an offensive strategy--one that can help win new revenue and new customers. It all starts with gaining total visibility into all the channels your executives and employees use for business today.
Addressing digital transformation risks enables business enterprises to fully leverage the technologies that drive digital transformation and really capitalize on the benefits they bring. In fact, increasingly we will see the age where true, sustained digital transformation without the tools that can govern the full threat landscape becomes impossible. Savvy enterprises are already recognizing that protecting their data, people and brand can be a driver of competitive advantage. Enterprise-class digital risk management can do more that the vital job of protecting people, data and brands; it can do all that in a way that improves operational efficiency and helps humans be more productive at their jobs.

Managing risk in digital transformation requires that monitoring, archiving, and execution be driven by a centralized system. This way, data isnʼt siloed, so you can avoid proliferating points of failure and risk. Digital risk protection needs to be driven from a central command hub where an enterpriseʼs entire digital footprint can be seen and proactively managed.
Secure Human Connections

Ready to see how SafeGuard Cyber secures modern communication apps wherever they exist?