Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


The Next phase of cyber protection: pre-emptively detecting attacks

iStock 1258760198 - Global Banking | Finance

The Next phase of cyber protection: pre-emptively detecting attacks

223 - Global Banking | FinanceQ&A with Sian John, Chief Technology Officer (CTO) at NCC Group, a global leader in cybersecurity, delves into how Online Exposure Monitoring (OXM) technology enhances an organisation’s visibility and comprehension of its digital exposure across the clear, deep, and dark web. This marks a significant stride forward in proactive cybersecurity measures, as it enables the early detection of impending cyber threats.

In today’s digital landscape, nearly all businesses face the stark reality of their sensitive digital data being exposed online, either intentionally or inadvertently. Often, organisations tend to focus on threat detection only once an attack is underway. However, the truth is that early identification of adversarial behaviour can significantly reduce the impact of such threats. Embracing a layered defence strategy that detects risks in their nascent stages can effectively mitigate the impact, risk, and cost of cyberattacks, thereby forging a more secure digital future for all.

How does Online Exposure Monitoring (OXM) work to provide visibility into the clear, deep, and dark web?

OXM offers a range of service tiers to support organisations at any point in their cybersecurity journey. It augments managed extended detection and response (MXDR) services to offer a holistic perspective of the entire attack chain. OXM provides invaluable insights into emerging and potential threats at their earliest stages, while MXDR identifies threats in the more advanced phases, ensuring comprehensive threat coverage.

Why is this a significant step forward in proactive and pre-emptive cybersecurity?

OXM empowers organisations to monitor threats right from the outset of the cyber kill chain, during the reconnaissance phase. This phase involves malicious actors seeking opportunities to compromise their target while gathering information about the organisation, its personnel, and the technologies in use. Much of this information is readily available on the internet, provided you know where to look. NCC Group and Searchlight Cyber possess the expertise to pinpoint such valuable information that could be useful to attackers. OXM enables organisations to monitor these sources of information, thereby spotting potential threats before malicious actors can exploit them, reducing the risk of misuse.

What types of attacks does this monitoring technology look out for?

OXM is capable of identifying various attacks, whether they are impending, occurring during an incident, or even in the aftermath of a breach. Before an incident, OXM can identify threats such as leaked credentials, where malicious actors exploit exposed usernames and passwords to gain unauthorised access to the corporate network. It can also detect typo-squat domains, which are domain names closely resembling those of the organisation and are often used for phishing or creating cloned versions of corporate websites. Additionally, OXM can uncover instances of sensitive data exposure, where confidential or sensitive information becomes inadvertently accessible to potential attackers. This may include sensitive documents or unpatched systems that attackers might target as entry points into the corporate environment.

During a security incident, how does OXM prove valuable?

OXM plays an indispensable role in identifying ongoing threats and potential breaches during a security incident. It can alert organisations to the sale of access on the dark web by Initial Access Brokers, a group of cybercriminals who acquire access to victims and auction it off to the highest bidder. In cases where traditional security monitoring fails to detect a breach, mentions of the organisation in criminal forums or online marketplaces can serve as early indicators of a security breach. Furthermore, OXM enables the monitoring of network traffic leaving the organisation and connecting to the dark web via TOR. This capability helps organisations uncover issues such as employees accessing the dark web for illicit activities or malware within their environment communicating with criminal infrastructure on the dark web.

How does OXM contribute to post-incident analysis?

In the aftermath of a security breach, OXM plays a critical role in post-incident analysis. It continuously monitors for any exfiltrated data, a major concern when an organisation’s security has been compromised. Whether it’s a ransomware incident or another type of breach, OXM scans the clear, deep, and dark web to identify traces of stolen information. By providing organisations with visibility into post-breach activities, OXM allows them to swiftly prioritise their efforts to minimise online risks and take necessary actions to mitigate the impact of the breach. This proactive approach is vital in efficiently containing and recovering from security incidents.

Can you walk us through how NCC Group is adopting this technology?

Powered by Searchlight Cyber’s dark web monitoring platform, DarkIQ, OXM combines NCC Group’s threat intelligence expertise and consultant-led approach with automated alerts to continuously monitor an organisation’s digital risk. It alerts organisations to incidents like breached credentials releases, exposed data on code repositories, phishing domains, and concerning threat actor discussions involving key personnel or assets. In addition to reviewing incidents and alerts identified by Searchlight’s automated monitoring, NCC Group’s Threat Intelligence team assists organisations in asset discovery, alert triage, threat hunting, and provides mitigation advice and actionable recommendations to adjust their security posture effectively, thereby minimising and reducing the total impact and cost of threats.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post