Security Approaches & Methods

DRPS: What is it?

In the ever-expanding ecosystem of digital operations, organizations are under an increased threat of digital risks. Digital Risk Protection Services (DRPS) is the practice of protecting internal resources from external threats during digital transformation.

As a company expands its digital footprint, it also expands the attack surface for threat actors to execute malicious attacks. There are 10 primary categories of digital risks to be aware of:

      • Cybersecurity Risks
        Cyber criminals have a multitude of tactics at their disposal, like ransomware, Trojan viruses, credential theft, and all other types of malware – all with the intent of infiltrating businesses and exposing sensitive information. By taking proactive steps, organizations can protect themselves against these sophisticated cyberattacks that threaten individual privacy as well as business security. With the ever-increasing threat of cyberattacks, companies must proactively protect themselves. Even those with a secure internet connection are not immune to these malicious attempts at gaining access and causing damage. Fortunately, the right cybersecurity service offering can help monitor any emerging threats in the digital landscape while alerting businesses if an attack is already underway or has been successful in penetrating their defenses.

      • Data Privacy Threats
        Data privacy threats are closely connected to cybersecurity risks, comprising any risk associated with how the company handles sensitive data to determine whether the data can be misused by an employee, or if the data is properly secured with digital permissions. Companies undergoing digital transformation often find themselves exposed to data privacy risks due to their increased speed of development. If these security threats are not monitored closely, they can lead to devastating leaks, originating both externally and internally through internal errors or malicious activity in the vendor network. Therefore it is paramount that organizations ensure appropriate level of monitoring as part of their digitalization journey.

      • Workforce Talent Risks
        Workforce talent risk is any workforce issue that could jeopardize a company’s goals, including labor shortages, employee attrition, skill shortages, or even discussions about compensation. With the surge of remote work, organizations must contend with unseen vulnerabilities that could be exploited by malicious actors. Unsecured home networks pose a major risk for infiltration into corporate systems and can cause serious damage to sensitive data if not properly managed.

      • Compliance Risks
        Regulatory compliance and data privacy risks can be extremely costly if your company fails to adhere. The Federal Trade Commission (FTC) has enacted strict protocols for businesses, so understanding the potential consequences of non-compliance is key in keeping these risks at bay. Keeping up with regulatory standards not only protects you from unwanted fines or media coverage but also ensures that customer information remains secure and protected within your organization’s processes and operations.

      • Process Automation Risks
        Automation is an incredible asset to many organizations, providing valuable time-savings and greater efficiency. However, when integrating new processes and technologies, it is important to assess the risk to the business, customers and the public at large.

      • Artificial Intelligence Risks
        Organizations are harnessing the immense power of Artificial Intelligence (AI) to revolutionize their business processes, eliminating manual labor and increasing efficiency. However, those organizations need to be aware of the risk of AI, primarily:
          • AI bias: Producing results that are systematically prejudiced due to faulty assumptions made in the machine learning process.

          • AI manipulation: Unauthorized changes to the AI’s protocols and learning processes that force the program to make incorrect decisions and analyses.

      • Third-Party Risks
        According to a 2022 Ponemon report (Ponemon Report: Data Risk in the Third-Party Ecosystem Study (riskrecon.com)), third party breaches occurred in the last 12 months in 54% of companies surveyed. Working with external vendors, suppliers and contractors can come with a range of risks that have the potential to expose sensitive information such as financial data or intellectual property. Organizations need a Vendor Risk Management Program to hold vendors accountable to an acceptable level or risk. Do you have an inventory of vendors? Are they associated with a Tier (1 – 5)? Was cyber security due diligence performed on the Tier 1 and Tier 2 vendors?

      • Resiliency Risks
        Cybersecurity breaches and cyberattacks can have drastic impacts on businesses, especially when it comes to the level of disruption caused. To better understand your resiliency risk – or how quickly services will berestored after a breach occurs – consider what data sets you need to operate, as well as which technologies are essential for conducting business operations. Your response time and swift actions following an attack demonstrates your preparedness. If you can’t operate your business without a certain data set or piece of tech, you may have a high resiliency risk.

      • Cloud Technology Risks
        Cloud computing has revolutionized the way businesses manage their information, enabling them to access and store an unprecedented amount of data without relying on physical infrastructure. However, this newfound freedom brings digital risks – alterations in architecture or implementation could cause serious workflow disruptions and lead to valuable data being lost. Cloud services provide a high degree of configurability of security controls. Many controls default to open or loose security. Security architecture reviews of cloud assets should be performed regularly.

      • Reputational Risks
        All the other risks, as well as other variables, can lead to this digital threat: reputation risk. A company’s reputation is priceless. But any event or action that casts a negative light on your organization could lead to significant loss of financial, social and/or market capital – making reputational risk an essential concern for businesses everywhere. Organizations should monitor the brands digital information for reputational impact, fraud, impersonation and other rising threats.
      • The ten digital risk categories can be represented by this figure here:DRPS Managed Services

    Figure 1: Digital Risk Categories


    DRPS Managed Services

    Digital Risk Protection Services (DRPS) is a managed service that, defined by Gartner, is “a combination of technology and services in order to protect critical digital assets and data from external threats,” such as:

        • Data leaks

        • Account impersonations

        • Sensitive data breaches

        • Fraud campaigns

        • Reputational damage and brand compromise

        • Physical threats

      DRPS detects, prevents, real-time response risk mitigation, and works in partnership with Threat Intelligence (TI) solutions which focuses on resilience and planning.

      These two services overlap in the realm of social media channel monitoring because this is where the internal organization primarily interacts with the external world. While it is important to engage with your customer base it also allows for threat actors to expose and exploit sensitive information, impersonate accounts with the intention of defrauding followers or damage your reputation, or run fraudulent campaigns risking your organization’s continuity.

      DRPS uses operational processes that focus on identifying and mitigating threats using “intelligent algorithms and multiple reconnaissance methods to find and analyze threats in real time and raise warnings of imminent attacks to digital assets…It provides comprehensive protection from phishing and provides security teams with greater visibility into the dark web where a large proportion of criminal activity is planned and enables them to monitor the supply chain for breaches. They can also leverage DRPS solutions to prioritize vulnerabilities and alerts, monitor illegal data auctions and leaked credentials, and identify malicious mobile apps.”


      Benefits and Use Cases

      There are several benefits and use cases to DRPS. Benefits include:

      Automate Existing Ad Hoc Manual Processes

      Most organizations are utilizing DRPS on an ad hoc basis. A threat or compromise is detected and then mitigation efforts try to locate the source and respond accordingly. The downside is that you are working within a limited scope. It comes down to the age-old phrase of “you don’t know what you don’t know.” DRPS, when implemented properly, allows organizations to automate continuous monitoring giving a broader, real-time visibility that allows mitigation efforts to respond more quickly.


      Timeliness of Identification

      Having a dedicated DRPS program enables broader coverage, which leads to identifying issues sooner so that they can be addressed sooner.


      Use cases include:

      Executive Protection and Brand Protection

      Two subsets of protection that are part of DRPS are executive protection and brand protection on information that resides on the outside of the organization’s control, such as compromised credentials, impersonation files, dark web chatter, etc.

      One example of an outside threat is data brokers. Data brokers can collect, legally or otherwise, an organization’s financial history, legal history, and workforce sensitive information – collecting up to 3000 attributes per individual. Individual financial obligations such as large purchases, like houses or cars, down to household essentials like refrigerators can show up in these systems. This is especially concerning for executives of organizations as their private information could be used as blackmail to gain access to the company’s infrastructure, used for physical threats, impersonation, or fraudulent transactions.

      In July 2020 compromised employee credentials at Twitter resulted in 130 high profile private and corporate accounts being hacked including Bill Gates, Jeff Bezos, Apple and Uber. 45 of these accounts were used in a Bitcoin scam and according to Ekran System, “Twitter users transferred the equivalent of at least $180,000 in Bitcoin to scam accounts. The cryptocurrency exchange Coinbase blocked transfers of another $280,000.” Suspicious activity was not noticed until scam messages started being tweeted. A proactive DRPS program could have helped identify the breach earlier, potentially deactivating or restricting compromised accounts before users were defrauded of thousands of dollars.

      Another example would be a threat actor creating impersonation accounts on social media of either a brand or an influencer. These impersonation accounts can drive traffic to imposter sites that prompt a user to disclose login credentials, mock a purchase to steal card information, or link to malware. While there are ways to request takedowns or have your security team block these sites at your perimeter after a breach has been identified, DRPS aims to identify and mitigate these types of attacks before any information can be compromised.


      Conclusion

      As organizations continue to expand their digital footprint a robust cybersecurity plan should be in place. Having a DRPS is an important piece of the larger security pie. Giving people and businesses the ability to identify and mitigate risks in real-time throughout the web gives them a better chance at defending themselves against malicious attacks.

      HALOCK Security Briefing Archives: Updates on cybersecurity trends, threats, legislation, reasonable security, duty of care, key acts and laws, and more that impact your risk management program.

      SCHEDULE YOUR FULL HALOCK SECURITY BRIEFING