Redefining Cybersecurity for a Comprehensive Security Posture

The integration of different disciplines of cybersecurity and fraud management is a necessary evolution in the face of increasingly sophisticated digital threats.

Ayan Halder, Principal Product Manager, Arkose Labs

January 26, 2024

4 Min Read
The word "fraud" under a magnifying glass, surrounded by 1s and 0s
Source: Andriy Popov via Alamy Stock Photo

Cybersecurity is the practice of securing businesses' infrastructure and endpoints from unauthorized access. Multiple teams within an organization lead different aspects of cybersecurity. From Web application firewall (WAF) to application programming interface (API) security, these teams often work in silos with their independent key performance indicators (KPIs) and road maps leading to fragmentation in understanding the comprehensive threat landscape of the organization.

The discipline of fraud prevention — a relatively new but now-established method of stopping threat actors who exploit Web applications for financial gain — has fragmented the cybersecurity landscape within an organization even further. Fraud prevention teams, often a part of consumer growth and onboarding teams, operate their independent road maps and attempt to eradicate fraudulent financial losses.

Redefining cybersecurity to combine these disciplines under one umbrella brings a multitude of benefits to an organization, including a comprehensive cybersecurity posture, efficient resource utilization, and reduced capital burn.

The Threat Actors' Perspective

Threat actors target an organization mostly for financial incentives. And financial incentives exist across multiple surfaces within an organization. Attackers could target employees to gain unauthorized access to internal servers and then blackmail them in exchange for giving up the unauthorized access. They can also target the consumer-facing application for distributed denial-of-service (DDoS) attacks or other malicious purposes.

Recently, Microsoft took down Storm-1152, a cybercriminal group, known for illegally reselling Outlook accounts for financial gain. One can't guarantee that individuals behind the group won't resurface to attack a different Microsoft platform.

Given the threat, organizations are better off unifying the different teams involved directly and indirectly with cybersecurity to land a comprehensive security posture. 

Efficient Capital Management

Cybersecurity is a fragmented market, and vendors are blurring the lines between traditional cybersecurity and fraud management by trying to unlock those use cases within the same platform. However, since the buyers of fraud management tools differ from buyers of traditional cybersecurity tools, and these teams operate in silos, organizations fail to consolidate vendors and spend more than needed.

The current macroeconomic climate demands efficiency, and efficient vendor management through consolidation across different surfaces offers a lucrative angle to capital efficiency.

Integrating the Domains

Although difficult in the beginning, a few initial actions can help set the operations up for success:

  • Unified strategy and common KPIs: Bringing in the right representation and creating a unified strategy is key to success. A unified strategy ensures that every stakeholder is accountable for driving that strategy forward. Defining cross-team KPIs makes the unified strategy measurable. For example, instead of letting the bot management team set a siloed KPI, such as "Number of bot attacks stopper per month," bringing in the bot management, account-takeover, and transaction fraud detection teams together and setting up KPIs that look at bot attacks stopped and bots that trickled down to commit account takeovers and, ultimately, a transaction fraud can bring more visibility across the chain and keep everyone accountable.

  • Integrated technology stack: Once a unified strategy is set, invest in an integrated technology stack. Siloed technology stacks create opaqueness that, in turn, leads to inefficiencies. An integrated technology stack ensures full visibility by any team in the chain. Downstream teams can use threat indicators identified by upstream teams to further probe the traffic. Similarly, if downstream teams find interesting actionable insights, upstream teams can act on such insights. For example, teams responsible for API security may find threat insights based on the sequence of API usage by consumers that aren't usually available to bot and fraud protection teams. Such insights can be used if such an integrated technology stack exists.

  • Unified vendor strategy: Almost every team responsible for cybersecurity and fraud protection uses vendors to complement their work. The majority of the vendors offer overlapping capabilities to unlock additional use cases. Having a unified vendor strategy ensures that every team is aware of vendors used by other teams. Additionally, the integrated technology stack ensures that signals from the vendors can be used across teams instead of in just one. Cost efficiency is an added benefit.

  • Unified response to threat incidents: Creating cross-functional tiger teams during incidents ensures that each incident is looked at holistically. Such an effort not only significantly reduces the probability of another attack from the same and similar groups but also conserves capital outflow from ransom demands.

Conclusion

The integration of different disciplines of cybersecurity and fraud management, guided by unified strategy, common KPIs, and shared accountabilities, is not just a strategic move but a necessary evolution in the face of increasingly sophisticated digital threats. By fostering collaboration and alignment in objectives, companies can build a more resilient and efficient digital security posture, protecting their assets, their reputation, and, most importantly, their customers. The goal is to create a unified front against digital threats, where the strengths of each domain are leveraged to enhance the overall security of the organization.

About the Author(s)

Ayan Halder

Ayan Halder

Principal Product Manager, Arkose Labs

As the Principal Product Manager at Arkose Labs, Ayan leads Detection product strategy and development to help businesses identify and secure against botnet attacks and human-driven fraud. Ayan has over 10 years of professional experience across several domains and over five years exclusively in the fraud detection space at TeleSign and Arkose Labs. He has a deep interest and domain expertise in the fraud detection space and actively writes about the opportunities and challenges of this growing space.

See more from Ayan Halder
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

MITRE Corp's logo in blue
Endpoint Security
MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti BugsMITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs
byNate Nelson, Contributing Writer
Apr 22, 2024
3 Min Read
The letters EDR/XDR amid binary code
Application Security
Evil XDR: Researcher Turns Palo Alto Software Into Perfect MalwareEvil XDR: Researcher Turns Palo Alto Software Into Perfect Malware
byNate Nelson, Contributing Writer
Apr 19, 2024
4 Min Read
Kuala Lumpur, Malaysia, skyline against the harbor at sunrise
Cyber Risk
Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity ProsLicensed to Bill? Nations Mandate Certification of Cybersecurity Pros
byRobert Lemos, Contributing Writer
Apr 23, 2024
4 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events