RSA Conference takes place next week, and as always, I’m looking forward to a great week of networking, learning, sharing and ~~drinking~~ socializing. While lots of ideas are circulated at RSA, I want to tell you why Digital Risk Protection (DRP) will be the hottest topic at this year’s event, and share a few opportunities to learn more about this must-know solution.
The Digital Risk Dilemma: How to Protect What You Don’t Control
Companies have charged full steam ahead into the digital age, which has brought about lots of positive change and opportunity. But digital transformation has given rise to what I like to call "the digital risk dilemma". As organizations have expanded their use of the web, they’ve expanded the ways in which they can be attacked, impersonated and scammed online. So how do you protect against what you can’t control?
Many companies have turned to threat intelligence to combat these new cyber threats, but there are a number of challenges with traditional threat intelligence:
- Too Much Noise, Not Enough Action: Intelligence feeds are often too generic, and don’t tell you how and why your organization is impacted by a certain threat.
- Lack of Resources: Many organizations don’t have the bandwidth or expertise to manage the intelligence as it comes in. What good is intelligence if you can’t take action on it?
- Insufficient Use Case Support: Intelligence might be good at feeding you malicious indicators, but it doesn’t account for new ways cybercriminals are attacking people (e.g. brand impersonation, executive targeting, retail scams).
What is DRP and Why Should I Care?
Before we define Digital Risk Protection, I want to be clear on one thing: DRP is NOT a replacement for threat intelligence. Threat intelligence plays an important role in an effective DRP program, but DRP provides a more complete framework for how organizations must protect themselves in the digital age.
For threat intelligence to be relevant and actionable, it needs to map to how your organization uses digital technologies (i.e. your digital footprint). For example, you’ve likely made an investment in a social media presence, but what if a threat actor sets up a fake page to mimic your brand and phish customers? Or what if one of your salespeople’s login credentials are posted for sale on a dark web forum? These threats happen every day, but threat intelligence feeds likely won’t help you identify them.
That’s why organizations must go beyond traditional threat intelligence to effectively protect themselves from these digital risks (hence, digital risk protection).
There are four key stages of DRP, which all conveniently start with the letter M.
- Map: You need to know your attack surface to know how you might be attacked. Charting your entire digital footprint enables you to identify and gain context around specific attacks that target your digital assets.
- Monitor: The next step is to begin detecting threat events based on risk relevance and severity, including indicators of attack, compromise and abuse.
- Mitigate: Here is where you take action, like enforcing controls via automated integration and remediation, and resolving events with takedown requests, patching, IP blacklisting, cease-and-desist letters and more.
- Manage: Finally, management takes place across the first three activities. It is what lets you operationalize and optimize your DRP process, and ensure the right departments are armed with the right information at the right time.
Will I See You at RSA?
I’m looking forward to discussing new strategies and challenges for managing digital risk at RSA, and would like to point out a few opportunities to learn more.
- Attend my speaking session, The Digital Risk Dilemma: How to Protect What You Don’t Control, on Tuesday, March 5th from 1:00-1:50pm.
- Pick up your free copy of Digital Risk Protection for Dummies, which I co-authored and which we’ll be giving out at our booth (booth 1067, South Hall).
- Come find me and let’s chat DRP!
Hope to see you there! In the meantime, check out the Forrester DRP Wave Report to prepare for RSA and familiarize yourself with the market.