What is Digital Risk Monitoring (DRM)? DRM is a relatively new term in the lexicon of security, risk and brand protection. But get used to seeing it; it’s here to stay. In the next 24 months, a Digital Risk Monitoring program will become a staple for any modern organization.
In September of 2016, Forrester published their inaugural Digital Risk Monitoring WaveTM report, which assesses DRM vendors on a variety of criteria and likewise tries to answer the question, what is Digital Risk Monitoring? The report defines the space and outlines how organizations can monitor and protect themselves.
Highlights from the report:
- Learn why “Security & Risk pros need capabilities to monitor for risks across digital channels.”
- Find out why Nick Hayes writes, “ZeroFOX fuses superior social data coverage with fast-paced analytics,” and “has innovated rapidly since its inception in 2013.”
- Dive deep into three types of digital risk — brand, cyber & risk — and what types of threats S&R pros need to address
- Explore the 4 key capabilities of any DRM vendor — and how to prioritize your strategy
So what is Digital Risk Monitoring, exactly? It is the process of monitoring social media and other digital channels, identifying risks and remediating those risks that are impacting your business.
Nick Hayes, author of the report, first outlines the three broad categories of digital risk. Categories include:
- cyber; including phishing, malware, data loss
- brand; including impersonations, slander and scams
- physical; including insider threats, terrorism
ZeroFOX breaks out a fourth category as well; risks to revenue. In this category, we address piracy, counterfeit goods, financial scams targeting customers, etc. Risks, of course, can overlap. Compliance is one such risk than can have consequences for both revenue and brand.
Hayes also outlines the three categories of digital channels where these risk are found: social, web, and mobile.
Digital risks can be found anywhere online, but again and again social channels prove to be the true breeding ground and delivery mechanism for risks. Social implies any digital interaction among real people, and for a risk to exist, there needs to be a person experiencing or affected by that risk. This can be an individual or group of individuals like a corporation or organization.
For this reason, social networks (LinkedIn, Twitter, Facebook, Instagram, YouTube, etc.) are veritable petri-dishes of risk, and malicious actors take to the networks in droves. Social media creates a frictionless, anonymous platform for risk actors that heavily stacks the cards against organizations attempting to protect themselves.
Outside of social media, digital risks are propagated on any digital channels with unregulated, user-generated content. These channels can be collectively referred to as the social web. They include forums, communities and chat clients, such as Pastebin, Amazon, Craigslist, Wikipedia, 4Chan and more.
In terms of web-based digital risks, issues can emerge on search engines, domain registrars (such as domain squatters or domain phishing), and the deep, unindexed web.
Digital channels that incorporate regulations on posted content do not pose nearly as big a risk to organizations as social media and the social web. The cost and threshold to build malicious mobile apps is high; so while mobile risks do occur, they make up a negligible portion of the DRM pie.
Organizations needs vary greatly based on their size, industry and the nature of their business. When DRM customers were asked what is digital risk monitoring to them and what are the most pressing issues, respondents listed “Monitor for brand and reputational and digital risk,” “Take down impersonating or fraudulent social accounts, apps, websites, etc,” and “Monitor for cyber risks” as the three most important capabilities for a DRM solution.
The Forrester Wave: Digital Risk Monitoring, Q3 2016, named ZeroFOX a Leader and Top-Ranked in Strategy after a thorough evaluation of the 9 top vendors. The report gave ZeroFOX top scores in the corporate strategy & vision criterion and among the highest scores in risk monitoring & remediation and customer references criteria.
We believe our company’s agile nature coupled with our best-in-market strategic vision, sets us up to best serve our customers over the long term. Our current product offering is not only a leader in the space, it has evolved substantially in the past 9 months since the evaluation as our agile team continues to execute on our innovative best-in-breed strategy. ZeroFOX has also vastly increased our market presence since the initial evaluation with our customer base growing substantially.
Still have question? What is Digital Risk Monitoring to ZeroFOX in particular? How do we help organizations address they myriads of risks? Check out the ZeroFOX Platform, or get your complementary copy of the Forrester Digital Risk Monitoring Wave.