EDITOR’S QUESTION
WHAT IS THE BEST WAY
TO PROTECT AGAINST
SECURITY THREATS
FROM THE DARK WEB?
T
he Dark Web is considered
a mysterious entity that
many consumer users do not
understand. The fact that it exists on an
encrypted network and cannot be found
by using traditional search engines adds
to the sense of danger.
This risky reputation is rooted in reality.
That’s why digital risk management
companies are eagerly enhancing their
security products to minimise the threat
it poses to enterprises.
For instance, Digital Shadows
has announced comprehensive
enhancements of its award-winning
SearchLight solution’s dark web
coverage capabilities.
It has a focus on scalable data
analytics plus human led data
collection and contextual interaction to
best protect an organisation’s business,
brand, and reputation.
With continuous coverage updates
added daily, Digital Shadows
SearchLight™ has significantly expanded
its automated dark web collection
capabilities, complemented by human
data scientist support to monitor,
manage, and protect organisations
84
INTELLIGENTCIO
against threats associated with forums
and marketplaces across the open,
deep, and dark web.
Organisations can now easily see many
dark web incidents, with context, as
they happen, wherever they happen.
With these enhancements, customers
will be quickly notified that they are
at risk and intelligence will be shared
with an up-to-date list of posts in the
offending threads with key contextual
information on each forum user. Within
marketplaces, risky product listings will
be flagged and key information will be
displayed about the sellers’ reputation.
When it comes to closed sources on the
open, deep and dark web, automated
collection alone is insufficient. Digital
Shadows recognises it is critical to
complement automation with a team of
data scientists and intelligence experts
who gain access to closed sources, and
qualify the data collected to enhance
analytic capabilities. This gives customers
the full breadth and context needed to
address the digital risks that are most
relevant and impactful to their business.
Automation in digital risk management
alone is not enough, as it cannot
collect everything, and can lead to an
unmanageable level of false positives.
“The threat intelligence component
of digital risk management is all
about giving organisations the insight
to monitor, manage and protect
against threats no matter where they
are coming from. Vendors that only
focus on the dark web don’t provide
a comprehensive understanding of
risk and open their customers up to
blindspots,” said Rick Holland, VP
Strategy at Digital Shadows.
‘Defence in Depth’, the popular
security mantra, is increasingly giving
way to Expense in Depth as CIOs
struggle to manage the disparate
data coming from an overwhelming
number of point solutions. Security
professionals need comprehensive
security solutions that consolidate and
provide context across their digital risks
without adding additional complexity
and costs.”
A collection strategy that is only focused
on dark web sources falls short and
doesn’t provide the complete picture
including the strategic intelligence that
organisations need.
Intelligent CIO spoke to three experts
about the best ways to minimise
security threats from the Dark Web.
www.intelligentcio.com