By Josh Lefkowitz, CEO at Flashpoint
While the Deep & Dark Web has yielded important security considerations for some time, it’s really been in the last 18 months that the industry has begun to understand how critical the intelligence gleaned from the underbelly of the Internet can support business functions across the enterprise.
As more companies have started proactively working to understand these opaque regions of the Internet more effectively, many decision-makers and stakeholders have recognized that intelligence derived from the Deep & Dark Web can help inform decisions, protect their organizations, and ultimately mitigate risks.
The primary challenges that exist are, one, that while the Deep & Dark Web isn’t all malicious, there are risks for companies that try to explore it without proper expertise. And two, intelligence and data from the Deep & Dark Web have in the past only been used for specific security and intelligence teams, even though there are many groups within an organization that can benefit from Deep & Dark Web intelligence to shore up their understanding and awareness of risk.
The desire to overcome these challenges explains why Business Risk Intelligence (BRI) has been rapidly adopted by some of the world’s largest organizations over the last year. BRI broadens the scope of cyber intelligence beyond threat detection to provide relevant context to business units not traditionally afforded the benefits of intelligence derived from the Deep & Dark Web.
While the integration of cyber intelligence into an organization’s security posture has long been considered fundamental, traditional applications tend to serve solely cybersecurity teams and are therefore insufficient for fully-addressing security needs across other business functions.
As the overlap between today’s cyber and physical threat landscapes continues to expand and create unprecedented challenges, many organizations are recognizing the critical need to inform key stakeholders far beyond what has been possible with the cyber intelligence status quo.
BRI surpasses the myopic, long-held industry standards for cyber intelligence applications to inform decision-making, improve preparation, and mitigate risk throughout an entire organization.
BRI derived from the Deep & Dark Web was developed to better serve organizations’ diverse needs by addressing a gap in the cyber intelligence market. This gap emerged years ago after cyber intelligence’s role as a fundamental necessity was initially established within corporate America under the recognized label of Cyber Threat Intelligence (CTI). The CTI function facilitates a highly-reactive approach to security, as it is largely anchored across industry verticals by way of Indicators of Compromise (IoCs).
It’s important to note that since CTI was developed solely to serve cybersecurity teams, it does little to support other business functions — many of which would otherwise benefit from Deep & Dark Web intelligence. Consequently, cybersecurity teams have typically been the only function to reap the benefits afforded by Deep & Dark Web intelligence — up, until the adoption of BRI, that is.
BRI’s widespread versatility enables organizations to not only bolster cybersecurity but also confront fraud, detect insider threats, enhance physical security, assess M&A opportunities, and address vendor risk and supply chain integrity. BRI provides the agile intelligence necessary to foster interdepartmental risk evaluations, help protect digital infrastructure, map threats to critical assets, reveal threats to supply chain management and identify physical security and business travel risks.
Organizations with robust BRI programs have successfully gained an increased understanding of the impact, relevancy and corresponding business risks from malicious insiders, hacktivist groups, nation-state, and cyber threat actors, and radical jihadists.
Given the mounting difficulties many organizations face in navigating a volatile threat landscape, BRI’s cross-functional, comprehensive approach to intelligence has now become a requirement. As current economic, political, cultural, and technological externalities continue to create challenges across the enterprise, these same externalities have fostered an environment where threat actors thrive and their exploits become more sophisticated — thereby posing greater risks to organizations.
Such risks stem from our growing susceptibility to damages from attacks against critical infrastructure, global financial networks, and other elaborate exploits that undermine society’s safety and confidence in trusted large-scale systems and establishments. Since such attacks can threaten all business functions across an organization, effective mitigation strategies should evidently involve collaboration from all business functions, which BRI facilitates.
BRI is especially crucial given that traditional cyber intelligence applications — such as those rooted in CTI — are simply insufficient for proactively preventing or mitigating these emerging risks. As CTI fosters a reactive, indicator-based approach to security, it often does not enable decision-makers to preemptively detect and mitigate attacks before they occur.
Given the multifaceted and often threatening nature of many emerging risks, prevention — when possible — is absolutely crucial. BRI’s holistic approach addresses the high damage potential of many emerging exploits to help decision-makers better reduce their organizations’ risk.
Indeed, ransomware is one of many such emerging risks that has recently caused many organizations to shift away from CTI. Large-scale ransomware exploits have grown more common because financially-motivated threat actors have recognized just how profitable these attacks can be. Often used to target healthcare institutions, this type of malware can halt operations across all business functions and deprive organizations of access to critical systems.
Ransomware attacks can ultimately cause sizable financial losses, damaged brand reputation, or worse — so prevention is key. As ransomware continues to take center stage as a salient topic of discussion and concern within corporate board rooms, public-sector evaluations, and executive security conversations alike, more decision-makers across the enterprise are recognizing that BRI’s cross-functional, holistic approach to cyber intelligence is necessary for proactively mitigating these complex, dangerous risks.
Whether an organization has an entire department of seasoned intelligence analysts or a smaller team that needs more daily support, BRI can deliver relevant intelligence to help them make informed decisions and mitigate risk. However BRI is achieved, the mix of the right people, data, and technology is critical.
About the Author
Josh Lefkowitz executes the company’s strategic vision to illuminate the Deep and Dark Web and deliver unparalleled insights to customers, empowering them with the industry standard in intelligence from these areas of the Internet. He has worked extensively with federal, state, and local authorities to track and analyze terrorist groups. Mr. Lefkowitz also served as a consultant to the FBI’s senior management team and worked for a top tier, global investment bank, where he gained experience with Fortune 500 companies and ultra-high net worth individuals.