The cyber security business can be a commoditized game – with vendors all eyeing each other, in the race to stay at the forefront of their field – and of course ahead of the bad guys.
Therefore, it was music to my ears to talk with seasoned industry analysts about our new Cyber Threat Intelligence service, Threat 360, and hear responses such as “There’s nothing quite like this” and “this is really something different”.
That’s what we thought all along – but you never know with the analysts, perhaps they were aware of a niche Managed Security Services (MSS) provider already providing an offering similar to our new assessment service: helping organizations identify and address security vulnerabilities that could be exploited with malicious intent. Let’s just say that if such a competitor does exist, then it has yet to register on the radar for analyst firms like Gartner and IDC.
It’s therefore with a high degree of confidence that I can say our new service, Threat 360, is unique among MSS providers, and provides our customers with another level of protection against cyber-crime, through looking for and locking down potential sources of data breaches. Today, more than ever, remediating the damage done by data loss is expensive – not to mention the impact on your corporate reputation – and the associated fines.
Threat 360 helps organizations to tighten their digital defenses against a growing number of sophisticated and targeted cyber-attacks, guard against malware and ransomware, and mitigate data leakage and loss – all of which of course go hand in hand with the threats of lost revenue, damaged reputation and regulatory fines.
This is why we’re scanning not only the public web, but also the dark web, where data such as credit card numbers is offered for sale. For example, hackers are prepared to pay a premium for validated email addresses for C-level executives – who are often targets of increasingly sophisticated “spear phishing”: confidence tricks to try, for example, to persuade an unwary CFO to transfer large sums of money into what later becomes evident as a big black hole.
As an investigative first step, Threat 360 can provide enough insights to enable us to take a deeper dive into selected areas where vulnerabilities may be leaving companies wide open to exploitation. We’re looking both inside an organization, and outside.
The outside-in view gives a hacker’s eye view of the company. It’s surprising what can be found when you look. These findings can be valuable indicators of potential compromise. For example, maybe someone has just registered a domain that’s almost identical to your company’s? Why are confidential company documents stored on a remote server? And which companies are people on a hacking forum talking about?
The inside-out approach provides a view of vulnerable and compromised systems already on the network. All too often, we find there is something malicious hiding on a corporate network and sending information to unknown destinations. It’s also a fact that many attacks originate from inside. Sometimes, this is due to ignorance, when someone clicks on something they shouldn’t. But on other occasions, it’s a disgruntled employee doing something malicious.
We think all this is information that is essential to a company’s digital defenses, and that’s why we create detailed reports for every customer who signs up for the service, providing a summary of findings, as well as recommended remedial action.
It’s clear that businesses must be proactive in preventing leaks – but to do this, you need to know where to focus. That’s what Threat 360 is all about: It enables companies to take an overall look at their security posture, to identify risks and threats – as well as providing an early warning for data that you don’t want exposed to the public on a corporate network – and a further category: things you simply didn’t know were there, for example a malware farm or a stash of dodgy data.
As well as finding out more about how Threat 360 works, the analysts have been interested in how we’re selling the service, and we’ve had positive feedback related to our customer centric approach and how we are offering it both as an “add-on” to existing MSS as well as stand-alone.
Although you might think that it’s a trivial thing to find something like a cache of email addresses exposed on a website, we’re taking a better safe than sorry approach. Because it’s less trivial when a hacker pulls together relatively innocuous information to launch a spear-phishing attack on your CFO.