Transcript of the slide deck "Digital Risk Protection" (Nick Hayes, Forrester)
9/25/2018
Privacy & Security 2018
Nick Hayes
Senior Analyst
Digital Risk Protection: Defending What You Don’t Control
© 2018 Forrester Research, Inc. Reproduction Prohibited
A different type of threat
Snippets From Mueller Indictment Of Russian Operatives
Example: Social media botnet clustering
Source: Screenshot from ZignalLabs’ visual botnet dashboard
Digital risk: Exposure to malicious and inadvertent events online that directly link to and affect your business, brand, or people.
Our attack surface keeps growing (build slide; the layers accumulate in this order):
– IT
– Shadow IT
– Mobile
– Social
– Web
– IoT, IPv6, ??
– 3rd parties
– 4th parties
Active threats to your organization:
– Data and IP exposure
– Brand hijacking, account takeovers
– Executive/VIP safety
– Stock sabotage, crisis amplification
– Digital extortion
Example: Angler phishing
Which one is real?
Tactics are effective and often sophisticated
Customers will even use the dark web
We have less control (build slide; the vertical axis is labelled "Inability to control" and rises down this list):
– Known assets, corporate-controlled digital footprint
– Unsanctioned activity, rogue accounts
– Spoofing, impersonations, fraud
– Coordinated botnets, criminal marketplaces
Defend your digital footprint with active risk recon and response.
[Chart: Risk impact (vertical axis) against Event stage (horizontal axis: Potential, Emerging, Crisis), showing Preventive, Responsive and Unprepared response postures relative to a Risk threshold line, followed by Recovery]
Develop active digital risk protection.
The three-step process of DRP
– Map: Catalog your entire digital footprint.
– Monitor: Apply business and asset context for targeted scanning and detection.
– Mitigate: Streamline controls and remediation action to curb risk impact.
Map: Catalog your digital assets & attributes
• Points of presence: web sites and infrastructure; social media, apps
• Actors: employees, execs, third-parties; threat actors, bots
• Assets: brands, logos, products; PII, PHI, SSNs
• Affinities: demographics, psychographics; relationships
Monitor: Establish consistent visibility
1. Data collection techniques
– Access: APIs, pay-for-access data, other security intel feeds
– Harvesting: Data crawlers, bots, sensors, etc.
– HUMINT: analyst-curated, in-depth investigations
2. Breadth and depth of risk analytics
– Scope: number of assets, entities, regions, data types
– Frequency: rate of scans – weekly, daily, real-time
– Sophistication: risk scoring, alert options, data visualization
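An added example (not code from the deck or from Forrester) that puts the Map and Monitor steps side by side: a constructed catalog of a hypothetical brand's sanctioned social-media handles, then a scoring pass over constructed account records that flags look-alike handles and "support desk" impersonations of the kind the angler-phishing slide shows. The brand name, handles, look-alike table, sample accounts and threshold are all assumptions.

```python
# Added example (not from the deck or Forrester): a Map -> Monitor pass over
# constructed social-media accounts; brand, handles and threshold are assumptions.
import re
import unicodedata
from difflib import SequenceMatcher

# Map step: catalog of sanctioned points of presence for a hypothetical brand.
BRAND_KEYWORD = "acmebank"
SANCTIONED_HANDLES = {"acmebank", "acmebank_help", "acmebankcards"}
# Digit/symbol substitutions commonly swapped into spoofed handles (constructed).
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "@": "a", "|": "l"})

def normalize(text: str) -> str:
    """Fold case and accents, map look-alike characters, drop separators."""
    ascii_only = unicodedata.normalize("NFKD", text).encode("ascii", "ignore").decode()
    return re.sub(r"[\s._-]", "", ascii_only.lower().translate(LOOKALIKES))

def nearest_sanctioned(handle: str) -> tuple[str, float]:
    """Closest catalog handle and its similarity (1.0 = identical after normalizing)."""
    norm = normalize(handle)
    scored = {h: SequenceMatcher(None, norm, normalize(h)).ratio() for h in SANCTIONED_HANDLES}
    return max(scored.items(), key=lambda kv: kv[1])

def assess_account(handle: str, display_name: str, threshold: float = 0.85) -> dict:
    """Monitor step: apply brand context to one observed account and score it."""
    if handle.lower() in SANCTIONED_HANDLES:
        return {"handle": handle, "verdict": "sanctioned", "score": 1.0, "nearest": handle.lower()}
    nearest, score = nearest_sanctioned(handle)
    # Angler-phishing pattern: the handle need not resemble ours if the display
    # name claims to be the brand's support desk, so check the name as well.
    claims_brand = BRAND_KEYWORD in normalize(display_name)
    verdict = "likely_impersonation" if score >= threshold or claims_brand else "unrelated"
    return {"handle": handle, "verdict": verdict, "score": round(score, 2), "nearest": nearest}

def triage(accounts: list[tuple[str, str]]) -> list[dict]:
    """Run the Monitor step over a batch; return only accounts needing analyst review."""
    return [r for r in (assess_account(h, n) for h, n in accounts) if r["verdict"] == "likely_impersonation"]

OBSERVED = [  # constructed sample of observed accounts as (handle, display name)
    ("acmebank", "Acme Bank"),                # sanctioned
    ("acmebank_he1p", "Acme Bank Help"),      # digit look-alike of a real handle
    ("acm3.bank", "Acme Bank Official"),      # look-alike plus separator
    ("support_desk_99", "AcmeBank Support"),  # unrelated handle, brand in display name
    ("gardenclub", "Garden Club"),            # unrelated
]
if __name__ == "__main__":
    for hit in triage(OBSERVED):
        print(hit)
```

The flagged records are the input to the Mitigate step (takedown request or account protection); the threshold and look-alike table would be tuned per brand.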
Mitigate: Prepare your response
1. Digital risk scenario analysis
2. Technical controls and contingencies
– Account and asset protection
– Takedowns and event remediation
– Integration with security tools: firewalls, ESGs, etc.
3. Response teams and plans
– Decision trees, crisis communications
– Key external stakeholders, regional support
Forrester’s digital risk framework (diagram; the elements below are arranged under People, Process, Technology, and Oversight):
– DRD leadership & expertise
– Marketing, security, & risk collaboration
– Digital risk advocacy, training & awareness
– Event review & escalation
– Digital risk remediation
– Digital governance
– Digital footprint discovery & mapping
– Social risk monitoring & mitigation
– Web & Dark Web monitoring & mitigation
– Mobile risk monitoring & mitigation
– Malvertising & digital marketing security
– Digital risk analytics
– Strategy & Performance Management
– Digital assurance
– Digital risk & compliance mgmt
Simplified capabilities assessment (Harvey balls, from ○ = none to ● = full)

                   Map   Monitor   Mitigate
Social media       ◕     ●         ◑
Mobile app stores  ◔     ◔         ○
Surface web        ◑     ◕         ◕
Dark web           ◔     ◑         ○
Third-parties      ◔     ◑         ◕
Digital distortion is only just beginning
Key takeaways
1. Digital footprints are vast and valuable.
2. Detection and remediation supersede prevention.
3. DRP requires both data analytics and integration.
4. CISOs must prioritize brand security initiatives.
Thank you
Nick Hayes
@nickhayes10
For further reference: "Zero Trust Outside The Wire: Combatting Influence Operations" by Chase Cunningham, Nick Hayes, and Jeff Pollard