Digital risk protection should be able to provide your business with information about the activities of others that threaten your security. Those threats can come from hacker teams, con artists, doxers, or disgruntled employees.
Here is our list of the best data risk protection platforms:
- Fortra PhishLabs Digital Risk Protection EDITOR’S CHOICE This SaaS platform provides asset scanning and also Web searches to identify threats to corporate identities either through impersonation or credentials theft. The platform’s services also include reputation management. Access a free demo.
- CrowdStrike Falcon Intelligence Recon This threat intelligence service provides data in two formats: an intelligence report and a feed of actors and indicators. There is also a managed version available.
- Anzenna This cloud-based platform provides a preventative approach to risk by creating a constant security awareness discussion among employee groups the Slack and Microsoft Teams with central monitoring to provide guidance for discussion topics.
- CyberAngel An external threat assessor is a data protection platform and offers intelligence to guard against account takeover and third-party risk.
- ZeroFox This service platform provides intelligence and runs a disruption network that shuts down attacker infrastructure.
- Proofpoint Digital Risk Protection A platform of services that scans for plots against a company by hackers who have already acquired digital identities and insider information.
- IntSights Threat Intelligence Platform A service provided by Rapid7 supplies information on potential attacks and an automated threat intelligence feed.
The digital risk protection might come in a threat intelligence feed, Dark Web research to find mentions of your digital assets or lists for sale that include identities from your business. Other digital risk protection systems implement active protection through blocks on access and activity tracking.
The definition of digital risk protection is broad because the range of threats that your business faces is extensive.
Managing digital risk
Digital risk is the likelihood of damaging consequences from connectivity. It is a vulnerability that is propagated by several internet-related data-sharing strategies. If there are channels available to disclose information, businesses have to ensure that they aren’t used for malicious purposes that will compromise their data security.
So, managing digital risk involves exploiting data-sharing channels while also controlling exactly what information can be passed over them, to whom, and for what purpose. The first step in managing any risk is identifying exactly what the threat is.
Types of digital risk
Take a look at the categories of threats that your company needs to address. These are classed as digital risks. Each type of digital risk needs a different approach to manage it and reduce the threat.
Here are the types of digital risk that you need to manage:
- Cyber security
- Insider threats
- Data leaks
- Automation
- Cloud systems
- Third-party risk
- Data privacy
- Compliance
- Resilience
Cybersecurity and insider threats can be managed in tandem. These risks relate to malicious activities of individuals who get into your system or are already there. Data leaks refer to accidental disclosure either through operators being tricked or indiscrete.
Automation and cloud systems can be poorly organized so that they don’t correctly impose security. Operators don’t feel they need to scrutinize these systems because they assume that these facilities exist to remove responsibility from the need for human inspection.
Third-party risk is a failure in risk management in an associated business. For example, errors made by a supplier, such as a storage host, can impact the buyer’s security. In addition, the collective responsibility for data privacy means that a business can fail the requirements of data privacy standards due to the mistakes made by associated companies.
Compliance is necessary to win business. Failure to gain accreditation means that your business can be seen as a risk to other organizations that will not do business with you. Compliance is like a certification that tells other businesses that you are a low-risk company trusted.
Resilience expresses a company’s preparedness for a disaster. This is implemented through continuity strategies both for stored data and for the business as a whole. The resilience factor can also refer to the public relations and reputation recovery that a business needs to go through to recover its good name after a disaster, such as a catastrophic data disclosure event that attracts terrible publicity.
Addressing digital risk
Digital risk protection (DRP) systems focus on the issues surrounding the first six of the risk categories outlined above: cyber security, insider threats, data leaks, automation, cloud systems, and third-party risk. Data privacy and compliance are usually addressed by systems known as data governance services and consent management systems. Resilience is the realm of business continuity planning and is also addressed by data backup systems.
DRP systems are synonymous with threat intelligence. They can be delivered in research, which includes Dark Web scans, or they can be formatted for automatic processing in threat detection systems. Data loss prevention systems usually address data leaks, but DRP also covers this category of risk. Similarly, while automation and cloud systems can be a form of third-party risk, they can be managed by other tools, such as vulnerability scanners.
Combating digital risk also involves tightening up operating procedures and educating employees about keeping safe on the internet. Data theft strategies can start outside of the company’s control through spamming employees on their private accounts on social media and email. Some tricksters even establish personal links with employees of a target business through dating and hobby sites.
The best digital risk protection platforms
Focusing on threat intelligence feeds, you need to decide whether you want a service that will produce threat intelligence in the form of a report or a feed that is linked to a data loss prevention (DLP) package. It is also possible to get a threat intelligence feed that can be automatically linked to a DLP system that a third party provides.
Our methodology for selecting a digital risk protection platform
We reviewed the market for DRP systems and analyzed the options based on the following criteria:
- A service that scans the Dark Web for digital assets that have been exposed
- A threat intelligence feed that can be linked into a DLP system
- Compatibilities to combine threat intelligence with following generation endpoint protection systems
- A service that will identify procedural weaknesses
- Options for employee education
- A sample report or a free trial for a cost-free assessment
- A reasonable price for a competent service
Using this set of criteria, we looked for a range of DRP systems that offer information and data feeds for automated threat management systems.
You can read more about each of these options in the following sections.
The Best Data Risk Protection Platforms
1. Fortra PhishLabs Digital Risk Protection (GET DEMO)
Fortra PhishLabs Digital Risk Protection scans the Web, the Dark Web, and social media threats to corporate accounts and reputational attacks. The system is implemented through both automated and manual processes and is managed by a team of cybersecurity experts.
Key Features:
- Brand protection
- Account takeover prevention
- Data leak detection
- Social media scanning
- Email threat analysis
Why do we recommend it?
There are two aspects to the service of Fortra PhishLabs Digital Risk Protection: the identification of impersonations of a company’s identity and the identification of the impersonation of third parties with the aim of tricking employees. A company using this service get email protection, which aims to prevent account takeover through phishing attempts. Dark Web scans identify whether company security has already been breached or if account details are up for sale.
The Reputation Protection service looks for impersonator profiles on social media that put out false information about the company or try to trick the public under the guise of the company’s reputation. This service also looks for impersonations of the company’s websites.
Other features in the package aim to prevent company employees from being conned by phishing emails that purport to be from colleagues or bona fide external sources. These attacks try to trick workers into disclosing access credentials or making payments directly to the scammers.
Stolen credentials, lists of email accounts, and stored PII stolen from the company are put up for sale on the Dark Web. The PhishLabs system regularly scans the forms and message boards where such sales are publicized.
The PhishLabs system is offered as a SaaS package. The cybersecurity experts run regular Dark Web scans and they will add the identities of new customers to the list of search terms. The platform also includes an email scanner and a website assessor that looks for threats in the sites that employees visit.
Who is it recommended for?
Every business needs the phishing and account protection services in this package. However, companies that operate in fields that put them at risk of political attacks, such as the oil and gas sector, will particularly need the Brand Protection feature in the package.
Pros:
- Spots the operations of impersonators with fake websites and social media accounts
- Provides user awareness training to help block phishing attacks
- Identifies new phishing campaigns
- Spots corporate account data for sale on the Dark Web
- Reports on risks detected in incoming emails
Cons:
- You need to inquire for a quote
Fortra PhishLabs Digital Risk Protection is a SaaS package. There isn’t a free trial for the service but you can examine the platform by accessing a free demo.
EDITOR'S CHOICE
Fortra PhishLabs Digital Risk Protection is our top pick for a digital risk protection platform because it combines both automated and manual processes to detect threats to a business from identity theft and impersonation. Cybersecurity experts manage the scanning systems of the PhishLabs platform and analyze the results that they bring back from the Dark Web and clear Web sweeps. The on-site protection measures available to businesses include user awareness training to reduce the effectiveness of impersonation techniques. This package will reduce susceptibility to phishing and business email compromise.
Download: Access a FREE Demo
Official Site: https://www.phishlabs.com/demo-request/
OS: Cloud-based
2. CrowdStrike Falcon Intelligence Recon
CrowdStrike Falcon is a suite of cyber security products. Some of those modules are offered in packages, while others are standalone products that can be added to a package or used separately. CrowdStrike Falcon Intelligence Recon is one of the standalone products.
Key Features:
- Research sweeps of the Dark Web
- Regular security risk reports
- Information on third-party risk
- Threat intelligence feed
- Option for a managed service
Why do we recommend it?
CrowdStrike Falcon Intelligence Recon scans all of the places that hackers go to buy data about potential targets, such as disclosed or stolen user account credentials. Chatter relating to new campaigns aimed at particular business sectors, countries, or infrastructure is also collected. The CrowdStrike team collates this information into a newsletter and also into an intelligence feed.
The Falcon Intelligence Recon service provides threat intelligence reports tailored to your digital identities. The reports are compiled through automated sweeps and manual research from a range of data sources, including the Dark Web. So, for example, if someone has hacked into your email system and extracted a list of your corporate email addresses, they will be selling that list on the Dark Web. Similarly, hackers’ attack methods are sold on the Dark Web.
The research that Falcon Intelligence Recon provides pertains to those digital properties your company owns and that you have registered with the service, plus new information about possible attack vectors currently being circulated for hackers to try out.
Your IT security team can take those reports and devise strategies to block the threat, which might involve reporting specific hackers to the authorities or ordering all users to change their email passwords.
The Falcon Intelligence Recon research is also formatted into a threat intelligence feed that automatically updates other CrowdStrike Falcon security products that you might be running on your site.
You can also register the names of the businesses you deal with, which would ring you information on threats to those other businesses, enabling you to assess third-party risk.
Who is it recommended for?
Not every business uses threat intelligence. This form of information can be fed into automated threat detection systems to provide new actions to look for because it can reveal new strategies. The newsletter format can be useful for risk analysis, which includes assessing third-party risk. Data can show which businesses are likely to be attacked soon.
Pros:
- Extensive research into newly encountered threats
- Information from sources that your company wouldn’t otherwise be able to access
- Constant updates so your threat analysis doesn’t get out of date
- The option to get intel on associated company risks
- A threat intelligence feed that automatically updates other Falcon X security systems
Cons:
- No demo account or sample reports for assessment
Falcon Intelligence Recon is a managed service that deduces defense strategies from the intelligence reports for you. This would be of interest to those businesses that don’t keep cybersecurity experts on the payroll. To learn more about the capabilities of this products suite, you can register for a 15-day free trial of Falcon.
3. Anzenna
Anzenna pulls in risk assessments from third-party security tools and registers attempts to address each area of weakness through employee awareness training and discussion groups, which are somewhat akin to quality circles in manufacturing. Different departments and roles have different potential for risk towards different resources and so the Anzenna package tailors assessments and resolution tips according to each type of exposure.
Key Features:
- Context-based assessments
- Risk input from third-party tools
- Resolution progress reports
- Training via Slack and Microsoft Teams
- Employee security discussion forums
Why do we recommend it?
The Anzenna system doesn’t detect or assess digital risk but it allocates and manages efforts to reduce it. The main method of remediation is to promote a culture of security awareness among staff. Awareness training seminars are delivered via Slack and Microsoft Teams and user group forums create an early warning system through experience sharing.
The main thrust of the Anzenna system is that human error and indiscretion is the main reason for security weaknesses. The tool also tries to reduce the likelihood of insider threats through a form of peer pressure and support.
The system promotes discussion by creating groups of similar responsibilities through the insertion of tips and guide notes. There is also a possible program of training courses in the package.
The system administrator gets a dashboard that shows all risk per type and department and hopefully, the discussion forums and training programs will reduce the risk score shown in the screen.
This is a slightly unconventional approach to both risk and awareness training because the system is less about campaigns than the creation of a security-first culture. This is something that is difficult to conceptualize for businesses that have not yet implemented the program.
Anzenna provides a platform and environment that promotes a security-first business culture. While the package includes a library of training courses, the main facility for risk reduction is a program or seminars conducted through Slack and Microsoft Teams. The system also involves creating user group discussion forums for mutual support, threat intelligence sharing, and the identification of disgruntled employees. The system’s dashboard shows a risk score for each attribute of the business.
Who is it recommended for?
The Anzenna system is suitable for all sizes and types of businesses, although, perhaps very small companies with few employees could probably implement a security awareness culture in face to face meetings rather than through a technology-mediated forum. The system requires a risk assessment service from a third-party provider.
Pros:
- Promotes a security-first working culture
- Creates discussion groups that can spot potential insider threat risk
- Security adapted per role and department
- A dashboard that shows risk scores per business activity
- Integrates with email systems, such as Outlook and Gmail
Cons:
- Relies on third-party tools to measure risk
There isn’t a free trial for the Anzenna system. Instead, interested businesses should request a consultation that includes a demo.
4. CyberAngel
CyberAngel is a platform, which offers a range of DRP services. The main modules of this platform are:
- Asset Discovery and Monitoring
- Data Breach Prevention
- Account Takeover Protection
- Dark Web Monitoring
- Domain Protection
The Asset Discovery and Monitoring service is a vulnerability manager that operates from an external location. This automated service uses techniques derived from hackers on how to break into a system. The Data Breach Prevention service is an extension of that asset discovery process. Rather than providing constant control over data movements like a traditional data loss prevention (DLP) system, this service is an analyzer that identifies security weaknesses around data.
Key Features:
- A modular SaaS platform
- Research in the Dark Web
- Mechanisms to shut down attacks
Why do we recommend it?
CyberAngel calls its platform an External Attack Surface Management service. This includes risk assessments both from penetration-style reconnaissance sweeps on a protected system and Dark Web scans that provide warnings of potential targets and credentials that have got into the hands of hackers.
The Account Takeover Protection module is a research service that scans Dak Web sales sites for lists of email addresses for sale, finding those on your domain. In addition, the Dark Web Monitor looks for chatter that would indicate that your business is about to be targeted.
The Domain Protection service looks for cyber squatters who create copies of your site for use in reaping access credentials from users. Additionally, sites that have domains similar to yours can be used to spread disinformation about your business. The Domain Protection service alerts you to these, and it will also take them down.
CyberAngel is a fast-growing service gathering customers because it combines traditional cybersecurity processes, such as vulnerability scanning, with manual Dark Web research. Unfortunately, you can’t get access to the platform with a trial. However, the service does offer a free demonstration on its site in its Data Leak Dashboard.
Who is it recommended for?
Information about disclosure lets a business know that there has been a leak – a fact that live security scanning can’t always reveal. Information on user account credentials being in circulation on the Dark Web, lets an administrator know that all passwords need to be changed and security procedures need to be tightened.
Pros:
- CyberAngel maintains contacts within the hacker community, so you don’t have to
- This service researches in the Dark Web
- Some modules perform traditional system hardening services
Cons:
- Data leak solutions rely on seeing data that has already been stolen
5. ZeroFox
ZeroFox has set up a research network and also a system called the Global Disruption Network. The research network comprises spies who pose on the Dark Web to acquire the latest lists of insider information that is available for sale. The Global Disruption Network is a combination of administrators and legal experts that can force service providers to shut down the accounts that have been identified as hacker infrastructure.
Key Features:
- External research into compromises
- Scans of the Dark Web
- Remediation system included
Why do we recommend it?
ZeroFox is a platform of four modules that provide attack surface protection. These units are called Protection, Intelligence, Disruption, and Response. The full platform is an attack surface management system. This includes system assessment and Dark Web scanning to discover risks to the company.
The ZeroFox findings are produced as reports that can be viewed in the cloud-based platform of the service. The package also provides threat intelligence as a feed that you can get formatted to suit different third-party tools. Although some of those tools are free to use or have free versions, such as Splunk, most of them are paid packages.
If you already own one of the services in the ZeroFox app library, you just need to activate the integration to get data feeds sent directly to that system. You know which system you can buy to get the ZeroFox feed channeled in if you already have a tool on the list.
The platform offers different modules, so you don’t get a set package of services. Some services have a tariff per asset that you register, such as a domain name. Other modules, such as the remediation service, are charged by action. You can get a guided demo of the ZeroFox services.
Who is it recommended for?
This package will tell you if your system security has been compromised or if your company is at heightened risk of attack. The service can also be used to assess third-party risk. The Protection unit provides brand reputation protection as well as scans of social media, domains, and location information. The tool also looks for risks to key personnel.
Pros:
- A cloud-based platform that enables you to subscribe to different services rather than a rigid package
- The option to include different assets
- A global disruption network to shut down potential attacks
Cons:
- No free trial
6. Proofpoint Digital Risk Protection
Proofpoint Digital Risk Protection is a package of services that covers:
- Social Media Protection
- Web Domain Fraud Monitoring
- Executive and Location Threat Monitoring
- Digital Compliance
The Social Media Protection module analyzes risks to any social media profiles that the company and its employees have. This protection extends to protection against phishing scams, account takeover, and imitators.
Key Features:
- Focuses on social media threats
- Produces compliance with FINRA, SEC, FCA, IIROC
- Protects the corporate image
Why do we recommend it?
Proofpoint Digital Risk Protection is a threat intelligence system that includes Dark Web and social media scanning to collect attack vulnerability intelligence on a subscribing company. The package is a bespoke service, which is difficult to assess before you sign up. The service will discover sensitive data leaks and identify disclosed credentials.
Web Domain Protection looks for cyber squatters who create websites with domains that sound like the company’s identity or misinformation. It also looks for exact copies of a protected site that is used to defraud customers directly. The service takes down any sites that it discovers.
Executive and Location Threat Monitoring is a service that addresses a hacker practice called whaling. This targets key personnel and then imitates them to try to trick other employees into following fake orders.
The Digital Compliance module is a service that analyzes a company’s social media presence and then recommends a reduction of that attack surface by concentrating on just a few profiles and shutting down the rest. This system provides compliance with FINRA, SEC, FCA, and IIROC.
The Proofpoint service is an additional protection system that does not attempt to provide systems supplied by other tools such as data loss prevention and vulnerability management packages.
Who is it recommended for?
Not all risk is in the form of hacker attacks or data theft. A smear campaign is also a reputational risk, so this service looks for those types of events as well as Dark Web scans for credentials for sale. The service will also look for plagiarism, IP infringement, and impersonation, which could cause serious long-term brand damage.
Pros:
- Reduces exposure to phishing attacks
- Removes damaging copycat websites, protecting corporate integrity
- Blocks attempts at defrauding a company through impersonation
Cons:
- No free trial or demo
7. IntSights Threat Intelligence Platform
IntSights Threat Intelligence Platform is a service provided by a division of Rapid7. The Threat Intelligence Platform produces feeds that provide Indicators of Compromise to cybersecurity tools, such as those offered by the Rapid7 Insight platform.
Key Features:
- Researches indicators of compromise
- Dark Web intel
- Warnings over disclosed account credentials
Why do we recommend it?
The IntSights Threat Intelligence Platform provides external threat intelligence in both a newsletter and report format and in structured Indicators of Compromise (IoC) layout for automatic feeds into threat hunting systems. The feed can be sent automatically to SIEMs, SOARs, firewalls, and email systems.
Essentially, with the IntSights system, Rapid7 extends the availability of the threat intelligence feeds needed for its products so that third-party security tools can use them. The intelligence service looks for new threats strategies, phishing attempts, Dark Web mentions, and lists of compromised accounts to provide a tailored warning service for each subscribing company.
The platform is a subscription service, and it will tailor its searches and results with the identities, such as domain names, that you register with the service. You can request a demo to assess the service.
Who is it recommended for?
This tool is useful for any business but large multinationals are particularly vulnerable to both hacker attacks and smear campaigns, due to their brand power and the likelihood that one of their many activities would have ticked someone off. Businesses that are heavily dependent on social media exposure would also need this tool.
Pros:
- Identifies phishing campaigns aimed at your employees
- Produces warning reports
- Offers automated threat intelligence feeds to link through to security tools
Cons:
- It doesn’t provide protection tools, only information