Cyber risk management InsurTech KYND reveals that although dark web monitoring can be useful when a data breach has occurred, data breach monitoring should be the first port of call.
With cyber-attacks on the rise, the phrase “to be forewarned is to be forearmed” rings true now more than ever. When it comes to detecting data breaches early, recent work from KYND has weighed up two approaches: dark web monitoring, and data breach monitoring.
Dark web monitoring is a common way of being alerted to whether your company’s data is being sold on the dark web, whereas data breach monitoring alerts a company the moment an attempt is made to access its database with malicious intent.
Data breaches
How much do companies really need to worry about data breaches in the first place? According to KYND, in today’s internet-reliant world, data breaches have quickly become a daily occurrence and no one is immune. Anyone is at risk of a data breach; the threat is not confined to large organisations.
Data breaches can be devastating for a business. In the UK hefty regulatory fines can be imposed by the Information Commissioner’s Office (ICO), of up to £18m of 4% of annual turnover, whichever is higher. These fines are imposed if personally identifiable information (PII) is mishandled or unprotected, and both organisations and customers can suffer the consequences.
What’s more, KYND explained, is that there can also be reputational damage stemming from the loss of clients’ trust. This reputational impact might be detrimental to a business’ ability to attract new customers. Moreover, data breaches also mean that operations may be heavily disrupted while a business attempts to contain the breach, conduct a thorough investigation, and continue its business-as-usual despite potentially missing data.
Dark web monitoring
Companies nowadays are increasingly investing in dark web monitoring tools, KYND said. Dark web monitoring involves monitoring your organisation’s data presence on the dark web. Because of the level of anonymity inherent in using the dark web, it’s typically where cybercriminals go if they want to sell your information.
Dark web monitoring services will alert a firm if information about its organisation or employees shows up on the dark web. This means it will be able to take steps to prevent or stop any type of fraud by either changing the leaked details or adding extra security measures to the affected accounts.
However, KYND stressed that not every data breach ends up on the dark web for sale, at least, not immediately, so it’s difficult to determine whether a company’s data has been compromised or not – that is until it receives an alert that its data has appeared on the dark web.
As if that wasn’t challenging enough, once acquired by attackers, the ill- gained information gets quickly recycled and redistributed numerous times over extended periods. This means there will potentially be a fair share of false-positive alerts making it difficult to prioritise real indicators of a breach over the everyday chatter noise of the dark web communities.
Therefore, KYND said that while dark web monitoring is a great way to find out if a company’s data is being used for nefarious purposes, it is ultimately a reactive approach. Moreover, dark web monitoring is not an all-seeing-eye, due to the hidden nature of the dark web, and as such cannot be relied upon for comprehensive coverage of the dark web, or the sole approach to data breach monitoring.
Data breach monitoring
For a more proactive approach to data protection KYND said a data breach monitoring service keeps an eye on a company’s data from inside the organisation.
Data breach monitoring software helps organisations to record data breaches as soon as they occur, report them to the regulatory authorities, and to notify any customers or clients who may have been impacted. KYND is an advocate of preventative methods, which it said are always better than curative methods. Data breach monitoring alerts can help lessen the impact of a data breach, as well as making a company aware of any vulnerabilities in its’ cybersecurity protocols.
KYND recognised that dark web monitoring is a great tool but could be greatly enhanced if it’s paired with its Data Breach Monitoring service. To carry out this monitoring, KYND creates a “secret client”. This means that KYND provides a fake persona – a full name and an email address – that looks no different from any real clients and will easily blend in amongst them. Whether this is in a company’s database, CRM software, on a mailing list, or a spreadsheet, KYND can monitor secret clients for activity. If the secret client is contacted, KYND will notify the company immediately. If the activity is suspicious, there is likely to have been a data breach.
Companies also have the option for KYND to monitor the different places they store their data, meaning KYND can help pinpoint exactly where the breach has occurred. This means that instead of reacting to finding data on the dark web, a company can quickly respond to secure its data and mitigate the fallout of a data breach and be better prepared for future occurrences.
Copyright © 2022 FinTech Global
