Protecting assets is an integral part of any organization—and its implementation doesn’t end at physical assets. In addition to protecting people, facilities, and property, less obvious threats against your organization’s data and brand reputation go undetected every day. What is your approach to digital risk protection? How can you gain better control over your digital footprint to find and react to these threats proactively?


Because of digital transformation, 90% of the world’s data has been generated in the last two years. This staggering amount of information is an invaluable resource when it comes to threat detection. From news, to social media, to dark web marketplaces, searching through online data takes a multifaceted approach using multiple tools to find relevant intel. Read on to learn about which of your organization’s assets may be vulnerable, and how security teams are using data discovery tools to help locate and mitigate threats.

Read More:
Digital Risk Management: Why Integrating Corporate Teams is Crucial
Why Digital Risk Protection Isn't Just an IT Issue Anymore

Brand and Supply Chain Risks

A brand can take years to build, and just one badly handled data breach,  miscalculated social media post, or unexpected crisis to dismantle. Reputation is a costly asset to tarnish. Social media and dark web data are valuable sources for brand protection, but finding relevant intelligence is time-consuming and laborious without dedicated tools. 


As long as social media platforms have existed, so have products for discovering public social media data—not only to discover public chatter around a brand, but also to detect and mitigate potential security threats and managing crises. How exactly does gathering this online data help protect brand assets?

Find relevant data from a number of different data sources. The amount of information posted publicly through social media is enormous. We often only think of the biggest names in social media today—Facebook, Instagram, and Twitter—as relevant sources. The reality is that providers like Facebook and Twitter have highly regulated data use standards, making them less viable as attack surfaces. There are many social media platforms, such as VK, with lesser-known names that are still widely used around the globe. Ignoring these data sources means that valuable public perception about your brand can be prevalent among some circles, but go undetected by your team. Social media monitoring tools help locate relevant information in the less obvious places.

Locate and engage with your brand champions and influencers. Analyzing social media data allows a brand to discover who their biggest influencers are and evaluate the best way to engage with them. Viral influencers have a huge impact on brand reputation, and their social media content can deeply inform an organization’s PR strategy. Locating key influencers and micro-influencers in your niche, as well as understanding the context of their presence and audience, can be a guessing game without a data aggregation tool.

Monitor supply chain risk during a crisis. In the context of a global crisis like a pandemic, a weather catastrophe, or political instability, existing technologies can leave critical gaps in a retailer’s supply chain awareness. Every link in a global supply chain—from sourcing materials, manufacturing, transport, and end-user delivery—is highly interconnected. Staying alerted to disruptions at any stage of the chain is critical to a retailer’s timely response as crises, big and small, unfold around the world.

Analyze and address brand sentiment. Social media protection tools that analyze public sentiment can quickly locate and notify an organization where and when customers are dissatisfied (or satisfied) with a product or service. Social media is often the fastest way to find and respond to complaints and mistakes—and it allows brands to address customers more personally and directly. 

Because public brand sentiment and complaints are often based in a specific area, a location-based data aggregation tool is helpful for informing a more targeted marketing or PR strategy. Data aggregation can also help brands discover relevant, location-based keywords and context to tailor their messaging and customer engagement.

Mitigate a brand reputation crisis. Sometimes customer complaints go beyond what can be addressed individually. In the event of a widespread data breach or a disastrous black Friday event, many individuals may be affected and post their experiences online. Being able to gauge public sentiment or backlash can help inform a public apology or PR strategy to mitigate the impact of such an event on a brand’s reputation.

Detect theft and counterfeit goods. Believe it or not, many people brag about their exploits on social media after committing crimes like shoplifting. Searching public social media data and filtering for keywords relevant to shoplifting can help brands detect, investigate and mitigate theft. A tool that can search marketplaces on the dark web is also useful for locating the sale of counterfeit or stolen goods.

Find leaked sensitive data (more on this later). According to a 2018 survey, a majority of CISOs worldwide believe that data breaches are inevitable. Data breaches can have a huge impact on customer trust and brand reputation—so the ability to find and handle data leaks before they get out of hand is integral to protecting brand assets. Dark web discovery tools are useful for finding exploited vulnerabilities relevant to an organization. Leak perpetrators can also operate in plain sight; data aggregation tools can quickly locate disgruntled (former) employees who post sensitive or harmful information on social media about your brand.

Discover and address hackers. The dark web is the obvious place to discover data breaches and hackers targeting your brand. However, social media is also useful for detecting common hacks, such as phishing, DdoS (Denial of Service) attacks, and account takeover. When customers experience compromised access to your website in a DdoS attack, they’ll often post their experience on social media before customer service is notified. Security teams are able to discover and react to digital risks faster with access to such posts as soon as they’re published.

Phishing doesn’t only occur via email. Social media platforms used to deliver customer service are often targeted in phishing attacks. For example, hackers can open fraudulent social media accounts posing as a brand and address customer complaints or requests. Responses often reroute victims to spoofed company sites where their personal information is collected. Victims are often targeted at opportune times on evenings and weekends when companies are slow to react. Social media monitoring can help brands find fraudulent accounts and interactions that could lead to executive protection risks, customer attacks, and compromised brand trust.

Read More:
Brand Reputation Monitoring
Loss Prevention and Retail Security
Manage Your Online Brand Reputation With Social Media
Supply Chain Monitoring: the Value of Social Media in a Crisis
Case Study: Brand Protection for Cruise Operators During COVID-19

Executive Protection

iStock-921483562 executive airport plane travelPeople are an organization’s most valuable asset. Whether an individual is an executive travelling to a high-risk area abroad, or a bank employee being targeted by a phishing attack, it is an organization’s responsibility to detect, act on, and prevent future threats. Physical security is no longer the only solution for protecting people. 

New call-to-action

Cyber risks are ever-increasing, and so is the need for internet-based risk management strategies. There are no one-size-fits-all tools to gather the intel necessary to reduce risks and prevent harm to individuals . Security professionals must use a number of tools simultaneously to collect relevant open-source data, from the deep web to social media providers. How does aggregating this data help protect people and executives?

Assess and respond to relevant threats faster. Manually searching through social media providers is time-consuming and laborious, and is unlikely to return every useful piece of information. Likewise, finding relevant intel on the unindexed deep and dark web is not only challenging, but could potentially heighten security risks if attempted inexpertly. 

Third-party data aggregation tools allow security teams to create data searches from the safety of their usual browser, collecting the data that matters most across a multitude of providers. Data aggregators that operate in real-time allow users to set notifications when relevant information is posted. This means security teams can assess and respond to potential threats more quickly.

Use geofencing to monitor physical threats. Geofencing technology allows tools like Echosec to gather social media data within the borders of a specific area. If an executive is traveling along a predefined route, for example, geofencing allows security teams to locate potential threats or obstructions and relocate their executive if necessary. Valuable, on-the-ground intel posted on social media often travels much faster than news outlets, enabling security teams to assess the situation and react more quickly. With geotagged posts, security teams can also can also locate threats more precisely.

Find and mitigate cyberthreats such as doxxing and spear phishing. Any individual in an organization is at risk for cyberattack. High-profile executives are often targeted in doxxing attacks, in which their personal information is hacked and publicly released as part of a harassment campaign, political statement, or request for ransom.

In spearphishing attacks, an individual is targeted by a hacker posing as a trustworthy entity. This enables the hacker to request personal information, often by using social engineering tactics. For example, a hacker could pose as an internal executive and target bank employees in phishing emails that request sensitive financial information. 

A deep web data discovery tool can quickly discover evidence of attacks like doxxing and spear phishing on sites that are not indexed by search engines like Google. For example, a deep web search tool allows security teams to find doxxing leaks on data dump sites such as Pastebin. Templates for fraudulent, company-specific websites used in phishing attacks can easily be located on dark web marketplaces with search tools like Beacon.

Protect a VIPs family from potential threats. High-profile individuals aren’t the only people targeted by hackers. Personal data from a VIPs loved ones are also often used to leverage cyberattacks. Deep web data discovery tools allow security teams to search for specific individual information—including names, emails, user handles, and SSNs, to find evidence of a targeted data breach or doxxing attack.

Stay more informed on business travel, especially in high-risk areas. As more organizations send their personnel abroad on business, travel risk management is becoming integral to security strategies. Travellers in areas susceptible to natural disasters, terrorism, political unrest, or unreliable medical and security services need to rely on more than just travel advisories or an action plan to stay safe.

Social media intelligence provides security teams with vital information to protect travellers in high-risk areas. Location-based tools can monitor potential threats across a number of social media data sources. This equips security teams with on-the-ground situational awareness where access to other up-to-date communications and news feeds may be lacking or much slower than social media.

Read more:
Echosec For Executive Protection
How to Protect VIPs From the Tragic Consequences of SIM Jacking
Protecting Executives with Online Data: Three Success Stories

Events and Facilities

Most public events and facilities are constantly humming with social media activity. All this public data presents a huge opportunity for security teams to tap into intelligence that matters for keeping assets, both living and material, safe. Aggregating this data in real-time can benefit event and facility protection in a number of ways.

Precisely locate security risks to people and material assets. Geofencing allows social media monitoring tools to search for location-based information. Security teams can draw a geofence around a specific venue, including parking lots or nearby travel routes, and receive notifications if any suspect social media activity occurs. Getting on-the-ground visuals and geotagged posts in real-time gives security teams a clearer picture of where threats are happening and how to take appropriate action.

Allocate security resources where they matter. An effective event security strategy has enough people on the ground in the right place at the right time. When a potential threat occurs, the chaos can make it difficult to locate exactly where personnel are needed and to what extent. A single user on a social media monitoring platform can determine this information in real-time at a busy venue. This tells security teams where resources are needed, alleviating confusion in the event of a threat.

Leverage entry security at high-profile events. Dark web marketplaces often sell fake IDs. These can include police identification, as well as entry or media passes into high-profile or invite-only events. A dark web discovery tool can help event security locate relevant listings on the dark web, and alert personnel at the gate to any fraudulent IDs or entry passes.

Read more:
Event Monitoring With Location-Based Data

Data Leaks

source code laptop

“I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.” —Robert Muller, former FBI Director

By protecting your data, you are protecting not only your organization’s assets, reputation, and people, but all of your customers and their assets. Given the frequency of data breaches and the average total cost of a data breach (USD $3.92 million), knowing how to prevent and react to data leaks is a necessary and growing component of asset security.

A data protection strategy can include everything from implementing an org-wide password strategy to investigate the dark web for planned attacks against your organization. What do data leaks look like, and how can they be detected and mitigated?

Deep Web / Dark Web Data and Breach Detection

The deep web and dark web are valuable sources of intel for finding and investigating data breaches as part of an asset protection strategy. Since deep and dark web sites are unindexed, it is difficult and time-consuming to find any relevant information. Navigating the dark web inexpertly can also do more harm than good by unintentionally exposing your investigation efforts. This can subject organizations to further breaches.

Deep and dark web discovery tools allow asset security teams and public safety officials to find relevant intelligence for detecting and mitigating data breaches. Here are some examples of the kind of information these tools are capable of finding:

  • Phishing and scam pages. Vendors often sell spoofing sites and scam pages for hackers to conduct phishing attacks. These fraudulent pages are designed to pose as legitimate websites (an online banking login page, for example), which are used to collect personal information from victims. A dark web search tool makes these listings easy to find, as they are often templated for specific organizations.
  • Personal financial information. Fullz (slang for a complete package of an individual’s personal and financial information) are abundant in dark web marketplace listings. Being able to search for an individual’s information, such as their email or CC number, on the dark web is an indispensable tool for discovering relevant breached financial information. Execs and other high-profile individuals are frequent targets in these leaks, offering greater rewards for hackers.
  • Fraud how-to guides and discussions. The dark web is an anonymous place for hackers to sell how-to guides or discuss their strategies openly in forums. For example, a hacker looking to conduct a spear phishing attack might turn to a dark web forum to ask for advice on social engineering tactics. The ability to find these discussions is extremely helpful for mitigating attacks before they’re implemented.
  • Doxxing attacks. Evidence of doxxing—the act of breaching an individual’s personal information for malicious intent—is prevalent on the dark web as well as unindexed deep websites such as Pastebin. These attacks are easy to detect with a search engine, especially if a specific organization or individual’s name is being targeted. 
  • National security information. If your organization’s role is to provide nation-wide security (as a defense contractor or airport security strategist, for example), a security breach could have global consequences. Listings for leaked national security data, such as defense strategies, weapon plans or building blueprints are present on dark web marketplaces.
  • Source code. Leaked source code can be difficult to detect when its posted on the dark web or unindexed sites such as Github and Pastebin. Leaked code allows hackers to find and exploit any vulnerabilities in an organization’s security, giving them access to an entire database. Proprietary source code, if leaked, can also simply be stolen and adapted by hackers for nefarious purposes.

Social Media and Breach Detection

Even though the dark web is a valuable source of breached data intelligence, open source social media data is also useful for detecting threats to data assets. Here’s how.

  • Search for posts related to negative sentiment towards your organization. As mentioned earlier, disgruntled employees or former employees will often turn to social media to shed a negative light on your organization. This might be a platform for them to leak sensitive data about a company or its individuals. 

Searching for negative sentiment on social media data could also reveal unhappy customers triggered by a hacking attack or data breach. For example, customers experiencing a slow or inaccessible company website could indicate a potential denial of service (DoS) attack. 

  • Search for posts related to hacking keywords. Customers often turn to social media to broadcast warnings about phishing emails they are receiving. This is valuable data to detect, as customer complaints related to phishing or other hacking attacks often travel on social media faster than they reach a customer service department.

Read more:
Data Breaches: Protect Your Digital Assets With Early Detection of Breached Data
Security on Auto-Pilot? How Threat Intelligence Tools Combat Alert Fatigue

Digital Risk Protection Software

iStock-corporate office buildings glass worms eye architectureOne standalone tool is not ideal for detecting threats against people, locations, and physical assets. An effective security strategy uses a variety of tools and strategy in concert to locate relevant online data and proactively mitigate threats.

The following are a few data aggregation/threat detection tools. Some are free, some are commercially available.

  • Beacon is a fully-indexed deep and dark web discovery tool. It allows users to build and filter searches to find relevant information on unindexed deep and dark websites. Users are able to locate threats quickly and safely without the need for a Tor browser.
  • Echosec is a social media discovery tool. It allows users to search for location-based social media data and apply filters such as negative sentiment, and violent incidents. The platform also enables users to create a geofence around a specific area, and set notifications to discover potential threats in real-time.
  • Google is a great starting place, especially if you search in an incognito window. Searching for a particular event, location, or person often helps tip off a search or find relevant keywords using a more in-depth tool such as Beacon or Echosec.
  • Have I Been Pwned? Is a helpful free resource for discovering data breaches. The website searches for an email address against a number of data breaches to find out if it’s been compromised.
  • PhishLabs is a service provider that helps organizations discover threats against their assets and people, including phishing and social engineering attacks. They also provide security awareness training and incident response.

Read More:
Why Effective DRP Solutions Combine Social Media and Dark Web Data


Active threats against people, places, and assets are now planned and conducted as much in the digital world as the physical world. An organization’s assets depend on the wealth of information available on social media, as well as harder-to-find sources on the deep web and dark web. 

Searching through this mass of data efficiently for the intel that matters most to your assets requires a multifaceted approach and a number of advanced tools. Whether your organization is focused on elevating and preserving a brand, sending VIPs abroad, or preventing cyberattacks, threat detection tools are a necessary part of any proactive security strategy. 

Cybercriminals continue to evolve and develop sophisticated methods to exploit vulnerabilities on unsuspected platforms. Real-world threats are documented and broadcasted more quickly than ever before, thanks to social media. Using the right intelligence tools help security teams keep up to these threats by collecting intelligence from as many sources as possible, making sense of that data efficiently, and reacting.

Learn more about how Echosec can help effectively protect your corporate assets, information and people