Safeguard digital transformation initiatives and mitigate external threats

Digital transformation continues to be the mantra for many businesses today. To stay competitive, it's an imperative. In fact, 87 per cent of companies believe it will give them a competitive edge. Nowhere is this truer than in our engagement with customers and prospects. Face-to-face or over-the-phone engagements are being replaced with digital interactions, which in turn fuel the demand for ever greater immediacy and convenience.

The success of any digital engagement strategy relies on building and maintaining brand trust through digital relationships as opposed to physical ones. However, that trust fabric becomes far more complex for businesses to control and manage as their digital channels expand from web to mobile applications and social media, and as cyber threats against their organisation and customers increase. Regulations such as GDPR and the NIS Directive, which require organisations to better defend themselves, safeguard data and reduce service outages, are in a way the result of past failures of organisations to adequately protect themselves against external threats.

There are many who say that the pace of digital transformation initiatives is forcing security and compliance teams to play catch-up, leaving organisations exposed. As much of this customer-facing digital activity is now taking place outside of the corporate network on externally hosted websites, via mobile apps hosted in app stores and on social media, traditional security practices and solutions are no longer effective in providing protection. This leaves a security gap that requires new approaches to defend. So, are organisations gaining the upper hand in the ongoing battle with cyber adversaries while building out their digital presence, or are they continuing to put their brand and customers at risk? And how are they coping with the 75 per cent of breaches that are due to external threats?

Tightening up on attack surface

The results from recent independent research that we conducted do indeed paint a picture of businesses continuing to advance their digital initiatives while security teams struggle to keep up. Of the 456 respondents from large organisations (1000 employees or more) across the US and UK that were surveyed, 40 per cent experienced five or more significant security incidents in the past 18 months. The most common were malware infections, including ransomware, followed by phishing, website and mobile app impersonation, and malvertising (malicious advertising). As these threats originate from outside the corporate network, they are harder to discover, validate, assess, and remediate. Incidents are often related to assets, from vulnerable web components and apps, rogue mobile apps and social profiles, to domain abuse, that are not easily visible, known, or under the control of IT. While there is modest improvement year over year in their ability to address these external threats, 68 per cent of respondents still have no to modest confidence in their ability to manage these digital threats.

One way for organisations to reduce the number of successful attacks is to tighten up their attack surface by ensuring all their publicly exposed digital assets are known and inventoried, up to date (patched) and not vulnerable to any known exploit. However, 70 per cent of respondents have no to modest confidence in being able to do this today. Their biggest exposures are their web infrastructure followed by their ability to police their mobile apps, their brand(s) across the Internet and their social profiles.

This is consistent with our recent research into the digital footprints of the top 30 UK organisations (FT-30). In assessing 13,000 data collection pages across 100,000 live websites belonging to those 30 organisations, we found that a third are still collecting personally identifiable information (PII) insecurely, and are therefore in danger of violating GDPR. Insecure collection of PII is not just a GDPR compliance violation. The loss of personal data, profit, and reputation resulting from the use of insecure forms is a legitimate concern for consumers, as well as shareholders. In addition to personal claim liability, fines for GDPR non-compliance will be hefty. This applies to all companies that actively engage with European citizens, even if they do not have a physical European presence.

And threat actors are clearly taking advantage of the broad exposure and perceived vulnerabilities of organisations’ web infrastructures. The mobile app research we conducted late last year showed a 130 per cent increase in the number of fake malicious mobile apps impersonating the brands of 45 top UK companies, putting their prospects and customers at risk. In addition, we have also recorded a 132 per cent increase in malvertising incidents in 2016 as compared to 2015. Many of these malicious ads impersonate top brands to get consumers to click. The unsuspecting consumers are directed to fake branded landing pages where their personal information is harvested. The same holds true for fake social media profiles of brands and their executives. There is no lack of examples here, including the recent warning from Alton Towers about a fake social media ticket scam. It is clear that the external threat battleground represents a real risk to digital transformation initiatives.

Real and present danger

Organisations recognise that external digital threats are a real and present danger. They are deploying a wide range of security tools to combat these threats. Almost half (44 per cent) of organisations plan to increase digital defence investment by 15-25 per cent in the coming year and 14 per cent are planning increases in excess of 25 per cent. In addition to bolstering in-house capabilities, they will also be outsourcing more of the threat management tasks. While a quarter (25 per cent) is outsourced today, this will grow to 37 per cent in two years, representing a growth rate of 27.5 per cent. UK respondents in particular anticipate an upswing in their use of third-party service providers.

Today’s digital threat landscape brings a host of new challenges, requiring organisations to adopt a new and different approach to responding to external threats. While external threat management is a relatively new discipline for many information security teams, its importance in today’s digital age can’t be underestimated. Cyber threat intelligence is another aspect that will enable a reduction in the time to respond to threats. Importantly, interoperability between digital threat intelligence tools and existing internal security tools is key to ensuring a robust, integrated approach to strengthening enterprises’ digital defences.

Fabian Libeau, VP EMEA RiskIQ