This past week, we all had to endure painful testimony from social media and technology executives on the integrity (or lack thereof) of their service infrastructure. While the resulting narrative might have seemed new, perhaps even to C-SPAN junkies (like me), none of the questions or answers during the hearings came as a surprise to enterprise security experts. For many years now, experienced cyber defenders have recognized that social media, mobile, and cloud platforms represent major new attack vectors. This is an issue, because so many companies, agencies, and organizations now rely heavily on these social platforms in their marketing, messaging, and outreach programs for employees, customers, and yes - voters. As such, new cyber security protection approaches have emerged that are focused on risks outside the perimeter firewall. Without such new protections, serious consequences can arise, such as corporate brands being damaged or on-line assets being fraudulently misused (as in national elections). My friend James Foster, CEO of ZeroFOX, knows quite a bit about this new area of enterprise security, and he was kind enough to sit down with me and share his views on current and future trends in addressing risk in these external platforms. Here is a synopsis of our conversation:
EA: Can you tell us about the risks your team is observing on social media platforms?
JF: Anyone who has been watching the news lately understands the potential risks that exist on social media. These are incredibly powerful platforms that create communities and help people and businesses connect and share, but because social media is mostly unmoderated, the possibility emerges that misrepresentations can be made. This can have minor consequences when the activity is isolated, but it can have major consequences if it involves a business or many people. Reputations for organizations are no longer just maintained based on business activity, they are also now affected and influenced by external social, mobile, and other digital platforms. This is what drives risk.
EA: Do mobile platforms and app stores introduce new risk to the enterprise?
JF: Anywhere spoofed accounts can be set up outside the perimeter, digital risks emerge. Since app stores are included in this category, they should be monitored to ensure that new risks to an organization have not been created. But it’s not just app stores – it’s any social, digital, or collaboration platform, and this includes Pastebin, Facebook, Reddit, and other popular forums. These all require monitoring from a digital risk perspective.
EA: Are there mitigations that can be performed when an enterprise is experiencing digital risk?
JF: Organizations are digital now and risks that target an organization on social, mobile, or collaboration platforms can be mitigated in many ways. Luckily, enterprise teams can mitigate the effects of phishing campaigns, customer scams, fraudulent accounts, and many other threats on social and digital platforms. We support this process through accurate monitoring, which is the first step to identifying any security problem, combined with advanced automation, which helps us ingest, analyze, and remediate malicious risks for our customers. We work closely with social media and other digital platforms to take down risks, content, and profiles that violate terms of service.
EA: How does your team’s platform work? Are there experts working behind the scenes to assist in the risk monitoring function?
JF: The ZeroFOX Alpha Team is the only research team in the world that is dedicated to the identification of emerging threats and risks on social media and digital platforms. Our researchers are active in the security community, helping to bring down large-scale campaigns that affect everyone. For example, we might analyze tens of thousands of impersonator profiles to identify trends. Similarly, we might lead the investigation into Spam botnets spreading fake news, porn, and other unwanted content.
EA: What are your predictions regarding social risks to the enterprise in the coming years?
JF: We have always seen that the bad actors go where the vulnerabilities are – and always target unprotected people, businesses, and data. Since people, businesses of all sizes, and our most up-to-date data are on social media and digital platforms in huge numbers and growing, these challenges are not going away any time soon. Like email before it, social media is the number one form of communication and attackers will continue to be motivated to target all of us where we communicate to get to us and our data.