DRP - Digital Risk Protection
Digital risks exist on social media and web channels, outside most organization's line of visibility. Organizations struggle to monitor these external, unregulated channels for risks targeting their business, their employees or their customers.
Categories of risk include cyber (insider threat, phishing, malware, data loss), revenue (customer scams, piracy, counterfeit goods) brand (impersonations, slander), and physical (physical threats, natural disasters).
Due to the explosive growth of digital risks, organizations need a flexible, automated approach that can monitor digital channels for organization-specific risks, trigger alerts and remediate malicious posts, profiles, content or apps.
Digital risk protection (DRP) is the process of protecting social media and digital channels from security threats and business risks such as social engineering, external fraud, data loss, insider threat and reputation-based attacks. Digital Risk Protection reduces risks that emerge from digital transformation, protecting against the unwanted exposure of a company’s data, brand, and attack surface and providing actionable insight on threats from the open, deep, and dark web.
Suppliers DRP - Digital Risk Protection
F.A.Q about DRP - Digital Risk Protection
What is a digital risk?
Digital risks can take many forms. Most fundamentally, what makes a risk digital? Digital risk is any risk that plays out in one form or another online, outside of an organization’s IT infrastructure and beyond the security perimeter. This can be a cyber risk, like a phishing link or ransomware via LinkedIn, but can also include traditional risks with a digital component, such as credit card money flipping scams on Instagram.
What are the features of Digital Risk Protection?
The features are:
- Protecting yourself from digital risk by building a watchtower, not a wall. A new Forrester report identifies two objectives for any digital risk protection effort: identifying risks and resolving them.
- Digital risk comes in many forms, like unauthorized data disclosure, threat coordination from cybercriminals, risks inherent in the technology you use and in your third-party associates, and even from your own employees.
- The best solutions should automate the collection of data and draw from many sources, should have the capabilities to map, monitor, and mitigate digital risk, and should be flexible enough to be applied in multiple use cases — factors that many threat intelligence solutions excel in.
What elements constitute a digital risk?
Unauthorized Data Disclosure
This includes the theft or leakage of any kind of sensitive data, like the personal financial information of a retail organization’s customers or the source code for a technology company’s proprietary products.
Threat Coordination Activity
Marketplaces and criminal forums on the dark web or even just on the open web are potent sources of risk. Here, a vulnerability identified by one group or individual who can’t act on it can reach the hands of someone who can. This includes the distribution of exploits in both targeted and untargeted campaigns.
Supply Chain Issues
Business partners, third-party suppliers, and other vendors who interact directly with your organization but are not necessarily following the same security practices can open the door to increased risk.
Even the most secure and unbreakable lock can still easily be opened if you just have the right key. Through social engineering efforts, identity or access management and manipulation, or malicious insider attacks coming from disgruntled employees, even the most robust cybersecurity program can be quickly subverted.
This broad category includes all of the risks you must consider across the different technologies your organization might rely on to get your work done, keep it running smoothly, and tell people about it.
- Physical Infrastructure: Countless industrial processes are now partly or completely automated, relying on SCADA, DCS, or PLC systems to run smoothly — and opening them up to cyber attacks (like the STUXNET attack that derailed an entire country’s nuclear program).
- IT Infrastructure: Maybe the most commonsensical source of digital risk, this includes all of the potential vulnerabilities in your software and hardware. The proliferation of the internet of things devices poses a growing and sometimes underappreciated risk here.
- Public-Facing Presence: All of the points where you interact with your customers and other public entities, whether through social media, email campaigns, or other marketing strategies, represent potential sources of risk.