Intelligent CIO Middle East Issue 23 - Page 84

EDITOR’S QUESTION WHAT IS THE BEST WAY TO PROTECT AGAINST SECURITY THREATS FROM THE DARK WEB? T he Dark Web is considered a mysterious entity that many consumer users do not understand. The fact that it exists on an encrypted network and cannot be found by using traditional search engines adds to the sense of danger. This risky reputation is rooted in reality. That’s why digital risk management companies are eagerly enhancing their security products to minimise the threat it poses to enterprises. For instance, Digital Shadows has announced comprehensive enhancements of its award-winning SearchLight solution’s dark web coverage capabilities. It has a focus on scalable data analytics plus human led data collection and contextual interaction to best protect an organisation’s business, brand, and reputation. With continuous coverage updates added daily, Digital Shadows SearchLight™ has significantly expanded its automated dark web collection capabilities, complemented by human data scientist support to monitor, manage, and protect organisations 84 INTELLIGENTCIO against threats associated with forums and marketplaces across the open, deep, and dark web. Organisations can now easily see many dark web incidents, with context, as they happen, wherever they happen. With these enhancements, customers will be quickly notified that they are at risk and intelligence will be shared with an up-to-date list of posts in the offending threads with key contextual information on each forum user. Within marketplaces, risky product listings will be flagged and key information will be displayed about the sellers’ reputation. When it comes to closed sources on the open, deep and dark web, automated collection alone is insufficient. Digital Shadows recognises it is critical to complement automation with a team of data scientists and intelligence experts who gain access to closed sources, and qualify the data collected to enhance analytic capabilities. This gives customers the full breadth and context needed to address the digital risks that are most relevant and impactful to their business. Automation in digital risk management alone is not enough, as it cannot collect everything, and can lead to an unmanageable level of false positives. “The threat intelligence component of digital risk management is all about giving organisations the insight to monitor, manage and protect against threats no matter where they are coming from. Vendors that only focus on the dark web don’t provide a comprehensive understanding of risk and open their customers up to blindspots,” said Rick Holland, VP Strategy at Digital Shadows. ‘Defence in Depth’, the popular security mantra, is increasingly giving way to Expense in Depth as CIOs struggle to manage the disparate data coming from an overwhelming number of point solutions. Security professionals need comprehensive security solutions that consolidate and provide context across their digital risks without adding additional complexity and costs.” A collection strategy that is only focused on dark web sources falls short and doesn’t provide the complete picture including the strategic intelligence that organisations need. Intelligent CIO spoke to three experts about the best ways to minimise security threats from the Dark Web.