If your organization has over 5,000 employees, it’s likely to experience one crisis per year on average. From a corporate security perspective, some of the most damaging crises now involve targeted cyber attacks and data breaches—which cost organizations upwards of USD $3.86M per incident in the US.
Costly crises are also overlapping into non-cyber risks that can be detected online—such as damaging viral content, targeted disinformation, and explicit physical threats. These aren’t always detectable with highly-specific search tools, like dark web monitoring services.
Threat targeting a corporate CEO on the distributed social network Mastodon—discovered using the Echosec Systems Platform
As the online threat landscape combines more risk areas, corporate security teams require web monitoring tools that locate risks across a wide breadth of social media and darknet sites. Combining these feeds in a security platform ensures more streamlined workflows and a more comprehensive digital and physical risk solution.
How Corporate Security Requirements Are Changing
Corporate security requirements are quickly evolving as online threats become widespread across most sectors. To start, there is a persistent security analyst shortage. This is impacting organizations’ ability to keep up with online data volumes and gather, contextualize, and triage results.
Secondly, corporate security risks now originate from a wider variety of online spaces than ever before. Investigations that start with technical feeds or dark web monitoring almost always cross over into social media sources—and vice versa. Beyond detecting unusual network traffic or other technical breach indicators, digital risk protection now covers:
- Data disclosure by internal and external actors on mainstream and fringe social media sites
- Targeted doxxing attacks against executives on paste sites and unindexed forums
- Damaging viral content on social media surrounding ad campaigns, crisis response (e.g. COVID-19), or other significant events
- Discussions about brand impersonation, theft, scams, and other targeted risks on unindexed deep and darknet websites
- Content on fringe social networks indicating intent to cause physical harm to a company or a location near its physical assets
- Social media and deep web sites circulating disinformation about a company
Image of a company’s security camera layout leaked on Reddit by a former employee. This is an example of information that can easily migrate over to dark web sources where adversaries more explicitly plan a target’s entry points and vulnerabilities.
Critical threat intelligence sources are also turning over more frequently with law enforcement takedowns or tightened content policies on social media. This breeds a number of obscure platforms that might not be offered through most commercial security solutions when they matter most—but may host relevant information in the event of a targeted enterprise threat.
Data Diversity Is Crucial
These risks necessitate data variety in a corporate security team’s toolkit. There are relatively few digital risk protection solutions currently on the market, and many of them—such as Dataminr and DarkOwl—specialize only in social media or dark web monitoring, but not both.
Incorporating a handful of complementary tools rather than a “one-size-fits-all” solution is a best practice for corporate security. However, reconciling too many specialized tools or searching networks manually is clunky and risks overlooking critical data on more inconspicuous sources.
Tools that prioritize data diversity for social, deep, and dark web monitoring in one platform tend to make for a more streamlined and comprehensive approach in a security suite. This makes it easier to cross-reference social media and more hidden sources, and makes workflows less time-consuming for understaffed teams analyzing multiple sources.
Because less-regulated data sources tend to come and go quickly, corporate security teams also require vendors that prioritize adding obscure new data feeds to their platforms.
Echosec Systems differentiates itself from other corporate security solutions by prioritizing a wide range of data sources in one platform. These include mainstream social networks like Twitter and Reddit, less-regulated platforms like Telegram, 4chan, and Discord, and dark web access including marketplaces and imageboards like 8kun and Endchan.
The Echosec Systems Platform is a powerful social, deep, and dark web search engine. Users can easily pivot between feeds to leverage security investigations and glean more insights than these sources would have in isolation. The Platform also enables users to locate and contextualize physical and digital security risks faster with machine learning features and an asset monitoring system, which automatically detect and score actionable risks. This makes for an ideal threat intelligence solution alongside more technical data feeds, managed takedown services, and other tools in a corporate security suite.
Echosec Systems’ risk portal allows users to intelligently monitor breached data repositories and social, deep and dark web sources in real-time for risks to an organization’s defined assets.
For enterprise teams, digital risk protection is no longer just a cybersecurity issue—it also involves finding online content implicating an organization’s brand image and physical security.
Digital transformations and real-world events, such as the COVID-19 pandemic, are expanding the online threat landscape at an overwhelming pace. This calls for a wider variety of accessible data sources to detect threats to people and assets. Corporate security teams now require digital risk protection solutions that avoid data source silos, enabling earlier threat detection and less costly physical and digital risks.
Looking for a more comprehensive risk protection tool?
Click here to learn more about our new asset monitoring feature or book a free demo.