By Faisal Shah, CEO, Appdetex
Chief information security officers (CISO)
don’t get much rest. They can’t while their teams are in a relentless battle
with adversaries working around the clock to evade defenses and leverage potential
gaps in the extended perimeter of the company’s network. And now, CISOs face
more insomnia as their teams are tasked with defending an even more challenging
perimeter: customer-facing digital channels.
Malicious actors are using these
channels to weaponize brands and compromise unsuspecting users. Like legitimate
marketing campaigns, their efforts may employ an array of digital touchpoints —
email, search engines, online ads, social media sites, website and marketplace
listings, and even mobile app stores. Adversaries use social engineering and
technology-driven exploits to divert consumers as they seek engagement with
brands. Then, they employ a range of techniques to monetize their activities,
from delivering malware to selling fake products to harvesting users’
credentials.
An
opportunity to detect and take down brand attacks faster
Consumers aren’t the only ones to suffer
damage from brand attacks, of course. Enterprises can face a mountain of
fallout, from reputational damage to lost sales. To combat this risk, business leadership
looks to the legal function — which is on the front line of protecting the company’s
intellectual property — to identify and investigate instances of brand abuse. And,
leadership relies on the CISO and security team to do essentially the same
thing from an IT perspective across all of the company’s customer-facing
digital channels.
When needed, these two functions cooperate
on investigations. But more often, they work in silos. Wouldn’t it make more
sense for them to fight brand abuse in the digital realm together in a more
coordinated and ongoing fashion? That would allow them to cover more ground,
correlate data on threats faster, expedite investigations, and, ultimately,
reduce the time-to-live (TTL) of brand attacks.
Many forward-thinking CISOs already know
the answer to this question is “yes.” And, as they lie awake at night, they may
wonder, “How can my team collaborate effectively with brand protection to expedite
the mitigation and investigation of brand attacks?”
Exactly how the security team and the
brand protection team, which is charged with securing the organization’s brands
and intellectual property, structure a more formal working relationship will depend
on the company and its specific needs. But there are a few steps that CISOs and
General Counsels can take together to ensure collaboration between their
functions is productive and delivers positive results:
1. Optimize workflows
Brand protection and security teams need to optimize workflows so
they can expedite high-priority remediations. It’s critical to figure out that
framework upfront, and not when a threat emerges.
2. Formalize data sharing and risk mitigation protocols
These issues need to be considered when establishing the framework
for optimizing workflows. How will the functions share information? What tools
will they use? And, when a threat is discovered, how will they work together to
stop it or reduce its impact?
3. Sweep and monitor digital channels
The brand protection and security teams — along with the business teams
— should sweep and monitor digital channels both before and after the launch of
a new product or promotion. This process needs to start well before the launch
date and continue for as long as deemed necessary.
4. Continue applying function-specific expertise and
tools
The security and brand protection teams have their
own tools, systems, and data for investigating and mitigating threats. And they
should continue to use them to uncover and abate all aspects of a brand attack
and monitor malicious activity. What will be different, though, once these two
functions commit to more formal collaboration, is how they exchange data
throughout an investigation.
What does this look like in practice? Consider this example: A malicious actor
uses several branded and unbranded sites to mount an attack. The IT security
team discovers the activity first and then passes relevant data and metadata to
the brand protection organization for enforcement. That team then uses their
tools and workflows, which are built around intellectual property constructs,
to uncover more than 100 related sites, social accounts, ad accounts, and marketplace
listings, as well as other data. Through that process, they also discover evidence
of another cyber threat and pass that information back to the security team for
additional investigation and remediation.
This example shows how collaboration
between these functions can create a positive cycle that enhances security
investigations, augments attribution efforts, accelerates resolution, and helps
reduce a brand attack’s TTL. And, by knowing they’re shortening the life span
of these attacks, CISOs may find they can actually get a little more sleep at
night.
###
The post What’s Keeping CISOs Up at Night? Brand Abuse appeared first on Cybersecurity Tech Accord.