Forrester names ZeroFOX A Leader &
Top-Ranked in Strategy for Digital Risk Monitoring
forrester wave
The Forrester Wave™: Digital Risk Monitoring, Q3 2016
Get your complimentary copy of The Forrester Wave™
Skip to Content

Digital Risk Monitoring

Digital Risk Monitoring (DRM) Defined

The process of monitoring social media and digital channels for security threats and business risks such as social engineering, external fraud, data loss, insider threat and reputation-based attacks.

digital risk monitoring

AT A GLANCE

Digital risks exist on social media and web channels, outside most organization's line of visibility. Organizations struggle to monitor these external, unregulated channels for risks targeting their business, their employees or their customers.

Categories of risk include cyber (insider threat, phishing, malware, data loss), revenue (customer scams, piracy, counterfeit goods) and brand (impersonations, slander).

Due to the explosive growth of digital risks, organizations need a flexible, automated approach that can monitor digital channels for organization-specific risks, trigger alerts and remediate malicious posts, profiles, content or apps.

What is digital risk?

Digital risks can take many forms. Most fundamentally, what makes a risk digital? A digital risk is any risk that plays out in one form or another online, outside of an organization’s IT infrastructure and beyond the security perimeter. This can be a cyber risk, like a phishing link or ransomware via LinkedIn, but can also include traditional risks with a digital component, such as credit card money flipping scams on Instagram.

The Forrester Wave: Digital Risk Monitoring, Q3 2016, named ZeroFOX a Leader and Top-Ranked in Strategy after a thorough evaluation of the 9 top vendors. The report gave ZeroFOX top scores in the corporate strategy & vision criterion and among the highest scores in risk monitoring & remediation and customer references criteria.

Digital risks can be broken down into three categories:

Revenue

  • Customer targeted scams
  • Piracy
  • Counterfeit goods
  • Fake coupons and promos

Brand

  • Brand or executive impersonations
  • Slander and abuse
  • Copyright infringement
  • Compliance violations

Cyber

  • Phishing Links
  • Malware
  • Leaked sensitive information
  • Hacktivism
  • Cyber attack planning
  • Situational awareness
icons

Digital risks can be found anywhere online, but again and again social media proves to be the true breeding ground and delivery mechanism for risks. Social implies any digital interaction among real people, and for a risk to exists, there needs to be a person experiencing or affected by that risk. This can be an individual or group of individuals like a corporation or organization. For this reason, social media is a veritable petri dish of risks, and malicious actors take to social media in droves. Social media creates a frictionless, anonymous platform for risk actors and heavily stacks the cards against organizations attempting to protect themselves.

icons
Risk Actor Advantages Target Organization Challenges
Social media’s ease of use and universal access lowers the technical barriers for cyber criminals. Multiple fraudulent accounts and cyber attacks can be created and launched more rapidly than ever before. Organizations struggle to grapple with dynamic, ever-changing social media landscape. New threats must be identified rapidly and data must be ingested and analyzed in near real time.
Scammers can leverage hashtags or piggyback on existing popular accounts to target their scam and rapidly propagate an attack to millions of potential victims. The scale and cross-network nature of social makes it extremely difficult to monitor manually. Automated tools must be able to grapple with terabytes of data.
Employees of organizations can unintentionally become risk actors by posting inappropriate or non-compliant content. On such an extremely public venue, the costs can be devastating. Organizations struggle to react to risks immediately, before they spread across the social and digital web.
Risk actors, whether acting intentionally or unintentionally, enjoy near complete anonymity in the social media world. Because these channels are unowned and exist outside an organizations technical jurisdiction, visibility is effectively non- existent, making identifying and remediating risks and risk actors a herculean task.

Traditional social media channels include LinkedIn, Twitter, Facebook, Instagram, Google+, YouTube and Tumblr. Outside of these traditional social media channels, digital risks are propagated on any digital channels with unregulated, user-generated content. These channels can be collectively referred to as the social web. They include forums, communities and chat clients, such as Reddit, Pastebin, Amazon, Craigslist, Wikipedia, 4Chan, etc.

+ thousands more

What are the damages and costs

Just as digital risks themselves take many forms, so too do the costs associated with them. They also span the gambit on which area of the organization business they might impact. Consider these case studies:

A piece of malware sent via direct message on LinkedIn, could result in millions of dollars in data breach remediation.

A pirating ring run at scale and advertised on Twitter can impact the bottom line of major media, retail or CPG organizations.

Fake brand accounts or customer support impersonations on Facebook damage the brand, which although more difficult to measure, can have devastating costs to a organization business in the long term.

A financial scam on Instagram that costs a bank $300 per successful scam adds up quickly when multiplied by rate of success over time, number of other scammers, other networks and other types of scams.

The cost of digital risks to organizations is largely unmonitored and unrecognized. Once organizations start to identify social and digital risks, they begin to recognize their growing frequency, their impact and, ultimately, their costs.

How are digital risks monitored and remediated?

Digital Risk Monitoring solutions, like the ZeroFOX Platform, ingest data from the social networks and web, analyze it and alert for malicious activity, and work on behalf of the customer to remediate issues to and remove risks.

Sophisticated intelligence for relevant risk data

Solutions must aggregated data from a diversity of sources to provide comprehensive, contextualized analysis.

Continuous monitoring

Solutions must keep up with the speed and dynamism of social media and digital channels but constantly ingesting fresh data for analysis.

Customizable configurations for deeper investigations

With vast volumes of data being ingested, solutions must be highly flexible and customizable, allowing customers to fine-tune their analysis for very specific use cases.

Strong ties with major channels for expedited takedowns

Solutions are only truly valuable if they can go beyond alerting and work with the channel or network to get the risk remediated.

Explore Digital Risks

Talk to an Expert

Talk to an expert today to learn how ZeroFOX can help solve your social media security challenges.

Talk nerdy to me

Every Saturday, get the best content from the ZeroFOX blog
and the most interesting security articles from around the web

No Thanks
×