Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
January 26, 2024
4 Min Read
Source: Andriy Popov via Alamy Stock Photo
Cybersecurity is the practice of securing businesses' infrastructure and endpoints from unauthorized access. Multiple teams within an organization lead different aspects of cybersecurity. From Web application firewall (WAF) to application programming interface (API) security, these teams often work in silos with their independent key performance indicators (KPIs) and road maps leading to fragmentation in understanding the comprehensive threat landscape of the organization.
The discipline of fraud prevention — a relatively new but now-established method of stopping threat actors who exploit Web applications for financial gain — has fragmented the cybersecurity landscape within an organization even further. Fraud prevention teams, often a part of consumer growth and onboarding teams, operate their independent road maps and attempt to eradicate fraudulent financial losses.
Redefining cybersecurity to combine these disciplines under one umbrella brings a multitude of benefits to an organization, including a comprehensive cybersecurity posture, efficient resource utilization, and reduced capital burn.
The Threat Actors' Perspective
Threat actors target an organization mostly for financial incentives. And financial incentives exist across multiple surfaces within an organization. Attackers could target employees to gain unauthorized access to internal servers and then blackmail them in exchange for giving up the unauthorized access. They can also target the consumer-facing application for distributed denial-of-service (DDoS) attacks or other malicious purposes.
Recently, Microsoft took down Storm-1152, a cybercriminal group, known for illegally reselling Outlook accounts for financial gain. One can't guarantee that individuals behind the group won't resurface to attack a different Microsoft platform.
Given the threat, organizations are better off unifying the different teams involved directly and indirectly with cybersecurity to land a comprehensive security posture.
Efficient Capital Management
Cybersecurity is a fragmented market, and vendors are blurring the lines between traditional cybersecurity and fraud management by trying to unlock those use cases within the same platform. However, since the buyers of fraud management tools differ from buyers of traditional cybersecurity tools, and these teams operate in silos, organizations fail to consolidate vendors and spend more than needed.
The current macroeconomic climate demands efficiency, and efficient vendor management through consolidation across different surfaces offers a lucrative angle to capital efficiency.
Integrating the Domains
Although difficult in the beginning, a few initial actions can help set the operations up for success:
Unified strategy and common KPIs: Bringing in the right representation and creating a unified strategy is key to success. A unified strategy ensures that every stakeholder is accountable for driving that strategy forward. Defining cross-team KPIs makes the unified strategy measurable. For example, instead of letting the bot management team set a siloed KPI, such as "Number of bot attacks stopper per month," bringing in the bot management, account-takeover, and transaction fraud detection teams together and setting up KPIs that look at bot attacks stopped and bots that trickled down to commit account takeovers and, ultimately, a transaction fraud can bring more visibility across the chain and keep everyone accountable.
Integrated technology stack: Once a unified strategy is set, invest in an integrated technology stack. Siloed technology stacks create opaqueness that, in turn, leads to inefficiencies. An integrated technology stack ensures full visibility by any team in the chain. Downstream teams can use threat indicators identified by upstream teams to further probe the traffic. Similarly, if downstream teams find interesting actionable insights, upstream teams can act on such insights. For example, teams responsible for API security may find threat insights based on the sequence of API usage by consumers that aren't usually available to bot and fraud protection teams. Such insights can be used if such an integrated technology stack exists.
Unified vendor strategy: Almost every team responsible for cybersecurity and fraud protection uses vendors to complement their work. The majority of the vendors offer overlapping capabilities to unlock additional use cases. Having a unified vendor strategy ensures that every team is aware of vendors used by other teams. Additionally, the integrated technology stack ensures that signals from the vendors can be used across teams instead of in just one. Cost efficiency is an added benefit.
Unified response to threat incidents: Creating cross-functional tiger teams during incidents ensures that each incident is looked at holistically. Such an effort not only significantly reduces the probability of another attack from the same and similar groups but also conserves capital outflow from ransom demands.
The integration of different disciplines of cybersecurity and fraud management, guided by unified strategy, common KPIs, and shared accountabilities, is not just a strategic move but a necessary evolution in the face of increasingly sophisticated digital threats. By fostering collaboration and alignment in objectives, companies can build a more resilient and efficient digital security posture, protecting their assets, their reputation, and, most importantly, their customers. The goal is to create a unified front against digital threats, where the strengths of each domain are leveraged to enhance the overall security of the organization.
About the Author(s)
Principal Product Manager, Arkose Labs
As the Principal Product Manager at Arkose Labs, Ayan leads Detection product strategy and development to help businesses identify and secure against botnet attacks and human-driven fraud. Ayan has over 10 years of professional experience across several domains and over five years exclusively in the fraud detection space at TeleSign and Arkose Labs. He has a deep interest and domain expertise in the fraud detection space and actively writes about the opportunities and challenges of this growing space.
You May Also Like
Your Everywhere Security guide: Four steps to stop cyberattacksFeb 27, 2024
Your Everywhere Security Guide: 4 Steps to Stop CyberattacksFeb 27, 2024
API Security: Protecting Your Application's Attack SurfaceFeb 29, 2024
API Security: Protecting Your Application's Attack SurfaceFeb 29, 2024
Securing the Software Development Life Cycle from Start to FinishMar 06, 2024
Use the 2023 MITRE ATT&CK Evaluation Results for Turla to Inform EDR Buying Decisions
Causes and Consequences of IT and OT Convergence
Stopping Active Adversaries: Lessons from the Cyber Frontline
Building Cyber Resiliency: Key Strategies for Proactive Security Operations
2023 Software Supply Chain Attack Report