The Evolving Cyber Threat Environment: Why Your Business Needs External Monitoring

Posted by Greg Mancusi-Ungaro

Thu, Feb 11, 2016

Regardless of industry or market, CISOs are facing new classes of attackers, from sophisticated teams of hackers who want to obtain an enterprise’s lucrative customer data to activists who want to ruin a company’s reputation and fraudsters who imitate a brand for financial gain. Cybercrime has become organized crime and criminals are finding new ways to harm businesses and individuals on a daily basis.

Without being alarmist, depending on the size and notoriety of your company, it's not unreasonable to assume that while you are reading this, someone is working to pry private, sensitive data from your servers. CISOs must stay ahead of the curve to combat the rapidly evolving cyber threats that have resulted from an increasingly global and digital business landscape.

The Necessity of Regulatory Compliance

In addition to general security regulation put forth by governmental agencies in North America, certain industries have other regulatory bodies with which they must comply. For example, financial institutions in the U.S. must comply with FDIC and FFIEC regulations to help ensure the integrity of communications and online activity. On a global scale, foreign financial institutions with a large presence in the U.S. subject to those same U.S. regulations. However, compliance initiatives are not usually sufficient to stem security concerns.

To better understand potential security gaps, especially in regards to cyber threats beyond the perimeter, many enterprises have joined their industry’s ISAC organization, such as FS-ISAC, the premier security working group for financial services industry. Through organizations like this, and emerging ISACs and ISAOs, institutions and enterprises are able to pool knowledge and plan for the latest kinds of cyber threats, and implement robust threat detection architectures, controls and information sharing programs.

But even as organizations develop and implement strategies for staying ahead of the cybercriminals, they have been unable to solve their security problems – particularly when relying solely on in-house resources. Because of the massive costs and resource requirements necessary to build a team to detect and manage outside threats, outsourcing a portion of cyber security has become the norm for most companies.

Ensuring Security Beyond the Perimeter

A large North American firm with a global presence recently worked with BrandProtect to estimate the costs of protecting the firm (employees, assets, partners, reputation) from third party cyberattacks and brand abuse through a wholly in-house effort. It determined that it would have to assemble a team of at least six people and invest between $2 to $3 million annually to create coverage that at best would only attain a small fraction of the coverage that it enjoyed through its partnership with a security firm – in this case, BrandProtect.

A strong partnership with a security services provider effectively adds highly trained, deeply experienced cyber threat specialists to a firm’s existing security team without the need for additional training or technology investments. From phishing scams and domain abuse to mobile application fraud and sophisticated identity theft schemes, a dedicated managed service can provide multiple layers of threat detection, analysis, threat correlation, and threat mitigation. All day, every day, these services will patrol online sites and markets to discover and understand any threats to a business and unauthorized or infringing online content related to the firm or its employees.

An increased use of technology across all business models has led to more threat vectors than ever before, as attackers have exploited gaps formed by business being transacted digitally and employees having access to an organization’s data outside of its walls. As a result, cyber threats are moving beyond the traditional security perimeter, which is making it harder for organizations to detect potential attacks using existing perimeter-focused tools. Without the proper preparations, such as implementing holistic external monitoring and collaborating with security experts, organizations will struggle to detect and diffuse online threats. Forward-thinking CISOs are already adopting external monitoring to better protect their organizations, and that number will increase throughout 2016.

Will you be ready?

Read More

Topics: Security, internet security, cyber threats, CISO, InfoSec

Will the Real Donald J. Trump Please Stand Up?

Posted by Peter Dylan

Thu, Jan 28, 2016


As part of the BrandProtect 2016 Elections Project, we’ve been looking at The Donald’s use of Twitter. 

Or, more accurately, we’ve been looking at how others have been using Donald Trump's identity to promote their twitter activity.  There are lots of them.....

 

Read More

Topics: cybersquatting, online identity, twitter, brandprotect, cyber threats, Donald Trump, 2016 Elections

191 Million Voter Records Have Been Exposed. What Does it Mean To You?

Posted by Greg Mancusi-Ungaro

Fri, Jan 08, 2016

 

Over the past weeks there has been a lot of reporting, including these great pieces by Steve Ragan at CSOonline.com and Mathew J. Schwartz at BankInfoSecurity.com about a December 20, 2015 discovery that a database containing 191 Million voter records had been exposed online. As part of the BrandProtect 2016 Elections Project, we dug into the situation, and what it means to you.

Because of the nature of the exposure – effectively a database containing the records was left unlocked and unprotected – there is no way to know who might has downloaded the information.

Make no mistake, this is a big number. And it is an important number.  Consider this: the US Census Bureau estimated that there were approximately142 Million registered voters in 2014. This means that the recent exposure of 191 million voting records is not just a large data breach.  It’s a national issue -- effectively every registered voter in America has had their PII exposed... Wow...

Read More

Topics: Identity Theft, data breach, Social Media Monitoring, cybercrime, social media, online risk, PII, Spear Phishing, Voting Records, 2016 Elections

Jeb Bush Has A Domain Problem.  Do You?

Posted by Greg Mancusi-Ungaro

Tue, Dec 08, 2015

That sound you hear is a bunch of the staffers at jeb2016.com (the official Jeb Bush website) trying to make it seem like they are on top of their web presence.  Or is that the Trump team, laughing?  We can't be sure.  

The Washington Post reported yesterday that people who type "jebbush.com" into a browser found themselves redirected to Donald Trump's official site, donaldjtrump.com. You read that right -- one of the leading candidates for the Republican nomination for President of the United States has found himself on the wrong side of one of the most basic domain abuse issues. Someone else has registered a similar domain and is using it to confuse the public. Try it: jebbush.com (It's fun!)

Download the InfoGraphic

Yes, it's funny for a moment. But in reality it is very scary. In fact, it is potentially devastating.

The massive breach at Anthem earlier this year originated from spear phishing emails that were sent from domains that impersonated Anthem. The employees who recieved the emails did not notice that the emails originated from a rogue address. They unwittingly opened attachments or clicked on links that gave the attackers inside access to Anthem networks. 

Game over.

When others appropriate your web presence by registering or appropriating a similar or easily mistaken domain, they put themselves in a position to confuse your message, siphon revenues or worse. 

How big a problem can it be?...

Read More

Topics: Brand Protection, data breach, scam, brand abuse, Domain Management, cybersquatting, Phishing, gTLD, brandprotect, infographic, cyber threats, online risk, brandjacking, Health Care, OSINT, Jeb Bush, Legal, Spear Phishing, CISO, CSO, InfoSec, Donald Trump, 2016 Elections, Anthem, CMO

Viewpost Chooses BrandProtect

Posted by Greg Mancusi-Ungaro

Wed, Dec 02, 2015

Viewpost® Selects BrandProtect™ to Secure Complex Attack Surface

Payments Marketplace Provider Required a Solution With Round-the-Clock Threat Monitoring and Mitigation to Protect Its Customer Information From Beyond the Perimeter Attacks

Read More

Topics: Malware, mobile app monitoring, Security, Social Media Monitoring, Phishing, webinar, SMART, brandSMART, bankSMART, threatSMART

ThreatAlert: Wildcard DNS Attack Spike

Posted by Dylan Sachs

Mon, Oct 19, 2015

BrandProtect has recently observed a spike in activity for one of its customers; a large, NA-based financial institution with global presence.  These attacks employ a “wildcard” DNS entry – eg. *.domain.com – and simple scripting to create hundreds of unique URLs, thereby circumventing exact-match antispam rules, and increasing the likelihood of phishing lure delivery. 

Read More

Topics: cyber threats

What Should CISOs Learn from Ashley Madison?

Posted by Greg Mancusi-Ungaro

Wed, Sep 02, 2015

This month the BrandProtect Executive Threat Brief focused on lessons that individuals can learn from Ashley Madison. It is likely that the Ashley Madison breach will be remembered as one of the most notorious and high-profile breaches ever. Why? Because the exposed data was more than just personally embrassing, it was, in many cases, relationship-changing, employment-threatening, and business damaging.

5 Key Take-Aways

1) Ashley Madison is Bad for Your Business
Many companies saw their name dragged through the dirt as scores of corporate email addresses surfaced among the millions of exposed Ashley Madison accounts. Deserved, or undeserved, it is never good when your company is dragged through the dirt. And when key executives and other corporate leaders are caught up in the story, it can be very bad for business.

Read More

When You Can’t Trust Criminals on the Deep Web, Who Can You Trust?!

Posted by Jeff Daisley

Fri, Jul 31, 2015

During my morning news scan, I came across some interesting articles surrounding the recent Hell Tor deep web cybercrime forum.  And in particular, discussion about the associated text file that contained more than 23,000 records that “appeared” to be a user database populated exclusively by user accounts with dot-gov email from the Office of Personnel Management (OPM). After a close review of the file, experts stated that these records -- made available as a teaser and/or as “proof” that the hackers had compromised the agency --  were not from the OPM,  instead they were a list of users stolen from a different government agency — Unicor.gov, also known as Federal Prison Industries.

Read More

Topics: scam, hackers, cyber threats, OPM Breach, deep web, pastebin

Free White Paper

BrandProtect 
2016 Cybersecurity Predictions

Trends, Opportunities, Strategies, for CISOs, and Security Executives

Download the 2016 Predictions  

Subscribe to receive our latest posts in your inbox

Posts by Topic

see all