Digital Risk Protection

 

Digital Risk Protection (DRP) is the practice of protecting third-party cloud channels from various forms of digital threat. As part of digital transformation initiatives, enterprise organizations are increasingly dependent on social and digital channels for everyday productivity, customer engagement, and growth. With this dependency comes the need to secure these channels against unauthorized access, malware, phishing, data loss, compliance violations or account compromise. Digital Risk Protection processes aim to secure these channels and aid in managing risk in digital transformation. For the modern enterprise, a robust DRP stance is an absolute necessity to secure the technology that drives business growth and revenue.

professional using whatsapp
Digital transformation, in its simplest form, involves gaining efficiencies through digital means. This typically means shifting from outdated applications, systems, and practices to more sophisticated, modern, and versatile approaches and strategies.
 
However Gartner have put it, "true digital transformation is associated with developing wholly new business models around digital." This means conceiving of digital tools and channels as not only ancillary to business goals, but fundamental drivers of mission to meet those goals. 
 
Every forward-looking business is undertaking some degree of digital transformation, and increasing their engagement with cloud applications. Enterprises that are ahead of the curve are considering the new wave of digital platforms as truly central to goals of revenue growth and customer engagement.

Within every organization, social and digital cloud-based channels are now mission-critical, and used across multiple departments. These third party channels fall into two categories:


1. External: Customer-facing growth channels

External channels are the channels that marketing, sales, and customer experience teams use to drive engagement and growth: Social media, LinkedIn, mobile chat apps like WhatsApp, and more.


2. Internal: Service platforms 

Internal channels are those technologies that companies rely on for operational efficiency and agility: Collaboration platforms like Slack and Microsoft Teams, and larger suites like Salesforce, Veeva CRM, and Sharepoint. 


These new cloud channels are how work gets done. Embracing them is a core part of digital transformation strategies. Without these cloud channels, a modern-day business is destined to get left behind.

The new suite of cloud-based channels are powerful and exciting tools. However, as they come to play a key role in digital transformation strategies and central business processes, they become digital transformation risks. 


Email has long been a digital security risk, and a favorite attack point for cyber criminals, state actors, and other adversaries. However, a significant portion of marketing, sales, and organizational communications now take place outside of email. These communications have moved over to the third-party cloud channels that are now crucial for both growth and internal operations. 


The increased use of these external and internal cloud channels means that the organizational threat surface has expanded. This new surface spans a variety of new applications, each with its own demands and requirements. Every cloud channel possesses a different owner, reporting into a different line of business: CMO, CHRO, CIO, CRO, or CXO. Departmental ownership is similarly split. For example, IT sometimes oversees Slack and Teams; HR is usually the buyer for Facebook Workplace; Sales oversees Salesforce; Marketing oversees Instagram – and so on. This newly evolved threat surface introduces a new category of digital risk. 


Digital risk refers to new forms of old threats faced by enterprise organizations that are increasingly dependent on cloud channels for productivity, customer engagement, and growth. 

Today, third-party cloud channels are every bit as mission-critical as email. And they are every bit as threatened. Phishing research1 shows that organizations face social media attacks with approximately the same frequency as they face email spear-phishing and email BEC attacks.


Digital risks don’t only threaten the security of enterprises; they threaten the project of digital transformation itself. Organizations that want to fully embrace digital transformation need to embrace these cloud channels as rapidly as possible. But savvy security personnel can see their lack of visibility and control, and they have no choice but to insist that the company put the brakes on. 


Security personnel don’t want to be the “No” people. But unless they feel totally confident in their ability to battle modern digital security risk, they cannot greenlight a full-blown digital transformation project. 

Cyber Threats

 

According to the FBI, in 2019, malicious cyber activity accounted for losses exceeding $3.5 billion. Cybercrime takes a variety of forms, but a common target of attack is the corporate digital cloud channel. Bad actors target these channels with malicious content, malware (including ransomware), spear-phishing attacks, hacktivist campaigns, and more. Just one successful cloud infiltration can be devastating. One ransomware attack can cost a company an average of $141,000 in damage and recovery.

marvin-meyer-SYTO3xs06fU-unsplash

Insider Threats

 

76% of high-tech executives are concerned about insider threats. Across industries, every single year, billions of private records are breached. Almost 90% are compromised via insiders, both malicious and accidental. Outsourced service providers, contractors and consultants are common points of ingress or egress. Disgruntled former employees can also do a lot of damage.


Compliance Risks

 

Major regulations (FINRA, FCPA, HIPAA) now require that citizens’ personally identifiable information (PII) is protected. This regulation mandates the supervision and preservation of all forms of electronic communications. In turn, each industry has its own regulatory requirements. Finserv companies need to watch for promissory language; pharmaceutical companies need to monitor mentions of adverse events.

The velocity and volume of digital communications makes establishing this kind of oversight a serious challenge. Organizations are scrambling to deal with hundreds of thousands of messages or records per month. But failure to maintain full coverage easily leads to noncompliance, fines, and reputational damage.


Brand Damage

 

Brand impersonation attempts, where fraudsters send spoofed emails posing as a real company, can do heavy damage. So can other kinds of social engineering campaigns, and digital sabotage in the form of piracy and counterfeit goods. Even malicious customer posts can result in brand damage, loss of revenue, and shareholder value. 

Beyond The Perimeter


As businesses undergo digital transformation, the attack surface expands well beyond the perimeter. Traditional perimeter-based defenses still have their uses. But their coverage can’t extend to where digital communication channels and social media platforms are.  


Companies are facing a new and increasingly challenging digital risk landscape. Why? Because of fundamental shifts in the nature of cybersecurity.

 

Cloud Platforms Have Inherent Visibility Issues

 

When all enterprise communications happened within the perimeter, there was no visibility challenge. Intranets could be scanned, internal communications could be checked. Companies could be sure that there was oversight on all, or at least most, of the important communications their staff were involved in.

 

But now? Lack of visibility is the norm. For example, companies have very little insight into what their employees are saying to customers via WhatsApp. They have limited or no capacity to scan for compliance risks within LinkedIn direct messages. 

 

CASBs will log traffic or control access to enterprise clouds, but more advanced intelligence is hard to gather. As standard, a vast amount of a company’s digital footprint is simply invisible to the teams who are meant to be responsible for it. 

 

Teams need to institute a fully configurable policy engine that can oversee, capture, and preserve a complete digital record of communications to an archive in order to mitigate digital security risk. But they can’t even see what is going on in the third-party cloud channels where staff are spending hours every day, let alone act on anything troublesome. They don’t own any of the data being produced in those channels. 

 

Human Intelligence Can’t Keep Up

 

Already, human security teams are making serious compromises in order to keep up with the flow of digital data they are meant to police. 

 

We see this with the practice of sampling. Risk and compliance teams cannot possibly review all of a given set of digital communications; there is simply too much, and not enough bodies to trawl through it all. So what do they do instead? Rather than assessing 100% of communications, they assess 7-10% of them. Then they extrapolate the findings from this 10% out to the other 90%. While this has a certain logic, it is an incomplete and fairly slipshod way of supervising communications.

Similarly, traditional security controls are often based on patterns, signatures, or heuristics. When a new attack signature, virus pattern, or file-hash is detected, there is a certain time-lag between the initial discovery and the required system update. Often, human workers manning these systems are slow to respond.

 

The reality is: Modern-day digital risk can only be effectively combated with the aid of AI and machine learning. 

 

For example, one of our customers produces between 40,000 to 70,000 Slack messages every day. For a global pharma company, a regional sales team of 450 people generated over 116,000 WhatsApp messages in a single month.

Only AI-driven digital risk solutions can perpetually monitor every relevant digital endpoint. Only AI-driven digital risk solutions can institute detection policies that reliably capture every concerning event in line with customizable policies. Modern digital risk protection requires a comprehensiveness, a breadth and reach of platform coverage, that human teams cannot keep up with. It requires the data aggregation and recall, lightning-speed data processing, and instantaneous decision making of machine-powered systems.


The key problem is this: In the modern era, an enterprise’s digital life takes place outside of its IT infrastructure. Sales, marketing, and other business-critical activities now happen in the digital space, and well outside of the traditional security perimeter.

Once upon a time, companies established a perimeter, with firewalls and authentication systems and so on, and that was that. Their online presence is divided across numerous channels and accounts that are not in their control.


Such a state of affairs makes it very difficult to maintain visibility or maintain control into an enterprise’s entire digital footprint. The digital front remains unrestricted, unmonitored, and unmanaged. Maintaining visibility is very hard. Fraudulent or fake channels and accounts can proliferate, without the organization even knowing it. It’s impossible to stop what you can’t see.


When your enterprise security is reliant on external, unregulated channels, you have a problem. The data and intel necessary for managing risk in digital transformation and staying secure and compliant is not within your sphere of influence.


The Threat Surface Has Grown Exponentially


In the past, you had a demarcated area which you patrolled and policed. You had your IT infrastructure to worry about, and that was it. 


But now, you have to worry about the entire internet. Surface web and dark web. All the platforms and channels your enterprise utilize, and all the individual users out there interacting with various areas of your digital footprint. Harmful or noncompliant content, for which your enterprise is responsible, could be lurking anywhere. On a fake Facebook page you don’t know about; in the private messages of a wayward employee; deep in a forum. 

Traditional security tools have no way to cast their net far enough and wide enough to scan all of cyberspace for possible digital transformation risks. They simply can’t do it. Properly mitigating digital risk means having a holistic view of everything occurring with an enterprise's digital sphere. Without dedicated tools, this is impossible.

Effective digital risk protection is not just about security.

 

By ensuring security, digital risk protection supercharges processes that are tied directly to growth. Digital channels are the modern drivers of revenue, R&D and customer engagement. When enterprise security teams possess the digital risk solutions they need to get visibility over the whole infrastructure and the new threat surface, they can say to teams: Go ahead. Move fast, go mobile-first, download the apps you need.

 

According to Pricewaterhouse Coopers’ 2020 Global Digital IQ report, only 5% of companies are successfully undertaking digital transformation. One of the four key things that distinguishes these “Transcenders” is that they are able to build resilience. 

 

The future is here, and the future is rife with new forms of digital risk. Resilience is impossible to build without a structured and robust system of dealing with a new generation of cyber concerns. And with the required visibility and controls, digital risk protection becomes a driver of digital transformation. Policing the complete digital threat surface becomes not just a defensive tactic, but an offensive strategy that helps win new revenue and new customers.

 

Addressing digital transformation risks enables business enterprises to fully leverage the technologies that drive digital transformation and really capitalize on the benefits they bring. From accelerating tedious tasks to simplifying complex business processes to increasing individual and collective efficiencies of employees, a comprehensive digital risk management strategy should help businesses achieve all these.

 

To thrive, companies need a flexible, automated approach that can oversee digital channels for organization-specific risks, trigger alerts, and remediate malicious posts, profiles, content, or apps.

 

Managing risk in digital transformation requires that monitoring, archiving, and execution be driven by a centralized system. This way, data isn’t siloed, which produces proliferating points of failure and risk. Digital risk protection needs to be driven from a central command hub where an enterprise’s entire digital footprint can be seen and proactively managed.