Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .




Josh Lefkowitz, CEO, Flashpoint

Everyone remembers the social media boom of the mid-2000s. While social networks such as MySpace and Friendster already existed and had fledgling ad revenue models, it wasn’t until the emergence of Twitter, Facebook’s acquisition of FriendFeed, and the development of tools such as HubSpot and HootSuite that businesses began to take social media seriously as a digital channel.

Then, as is the case of all emerging technology use cases, market confusion began. Is social media really important in business? Is it digital marketing? Is it social media for business? Is it social marketing? Does it fit in lead generation or communications?

In the end it was rightly determined that social media is merely a tactical approach that is part of a bigger marketing and business strategy and wouldn’t be as valuable if that strategy were not developed first. And, as with most strategic development, sometimes research and more advanced tools are required to glean the information to put the right tactics in motion.

Fast forward to the mid-2010s and we’re in a similar dilemma with the crowded cyber threat intelligence (CTI) market, especially in the discussion around digital risk monitoring. According to Forrester, digital risk is assessing cyber risk, brand risk, and physical risk emanating from open web properties, social networks, and some computer and mobile applications. Much like tactical social media tools, a good intelligence-rich strategy needs to be developed in advance of any digital risk monitoring implementation in order to be most effective.

Business Risk Intelligence (BRI), on the other hand, provides strategic intelligence gleaned from the Deep & Dark Web that informs organisations what the actual threats are that are critical to their business. While many organisations do have digital risk monitoring in addition to BRI, many organisations end up adding BRI later on to address the intelligence gap that digital risk monitoring approaches leave open. Many concerns often stem from missed information around insider threats, fraud, anti-money laundering, geopolitical intelligence, supply chain, and a need for more sophisticated threat actor profiling or directed actor engagement.

For one, putting the tactical before the strategic is going to land most organisations in a corner where they are missing business critical information. Second, digital risk monitoring solutions, even if they offer data from the Deep & Dark Web, do not often have expertise beyond purely automated approaches to gain information, which can never be rich enough to be considered intelligence.

Just as strategy needs to come before tactics, BRI must come before digital risk monitoring. Digital risk solutions are good for setting and monitoring already known information, or as I’ve said before, “answering the questions companies already know to ask.” But BRI is what helps determine what needs to change in operations, policies, and protections across an organisation.

Here’s an example based on the insider threat use case. In one incident, intelligence from an underground forum revealed that a rogue employee of a multinational technology company was preparing to profit from stolen source code from unreleased, enterprise-level software. With this intelligence, the company was able to be alerted and then supported in completing an internal investigation, work with law enforcement to support the employee’s arrest, prevent the illicit sale, and preserve the company’s intellectual property.

Digital risk monitoring could not have been used to detect or mitigate this insider threat. BRI, on the other hand, found the threat in its relevant context, enabling the company to take the appropriate steps to minimise its risk.

According to The Forrester Wave: Digital Risk Monitoring, Q3 2016: “Generic online or social media monitoring provides a false sense of security. Many security and risk] and marketing pros remain naïve about serious risks in their organisation’s digital presence, because they believe their existing social media monitoring or cyber threat intelligence (CTI) tools will detect them. That notion, however, is increasingly misguided.”

It’s misguided, of course, because these basic tools are tactical and do not provide the intelligence alone that is needed. The challenge of digital risk is that it rests somewhere between basic social media and brand monitoring, sprinkled with traditional cyber threat intelligence. Digital risk doesn’t have the scalable technology and human power behind it to produce BRI that helps all departments in an organisation determine the best strategies for protecting their digital, human, and physical assets.

Digital risk monitoring is a helpful tool for organisations that already have rich intelligence and not just data. Failing to distinguish between the two can be problematic. It is nearly impossible to form relevant context without first considering how the data relates to the entire risk profile of an organisation not just a tactical report. Observing digital risk through the open web is not enough to develop necessary context and thus cannot enable organisations to apply and operationalise the data to address their challenges effectively. BRI must come first.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post