Module from Recorded Future exposes and rates growing threats posed by third parties to drive more informed risk decisions
Boston-based threat intelligence provider Recorded Future today unveiled a tool that shines a light on the often opaque problem of risks related to vulnerabilities in external, third-party systems outside the control of most organizations and security teams.
The Lowdown: The vendor’s new Third-Party Risk module allows threat intelligence teams to incorporate real-time, third-party partner, vendor, and supplier analysis into their own risk assessment and security strategy. Recorded Future officials say Third-Party Risk aims for full transparency into the threats facing partner and vendor systems and the reasoning behind its risk scoring, so organizations can make informed decisions about how to securely engage with third parties.
The Details: Some of the factors measured by the new Recorded Future offering that can affect risk scores attached to partner and vendor systems include:
The presence of corporate e-mails, credentials, and company mentions on the so-called dark Web, often an indication that an organization has been breached and a precursor to targeted phishing and credential stuffing attacks aimed at trusted business partners.
Typosquatting and domains registered specifically to impersonate a vendor or partner’s legitimate sites, a sign that threat actors are targeting that organization and making future attacks likely.
Known, unpatched vulnerabilities in publicly facing Website technologies that can be readily discovered and exploited by an attacker.
IT policy violations and infrastructure misuse, such as the presence of a malicious command and control server, which demonstrate the target is susceptible to attack and poses a risk to business partners.
According to Recorded Future’s research, 65 percent of B2B organizations have exposed credentials and 11 percent are being discussed on the dark Web. More than four in 10 are running technologies with known vulnerabilities.
The Impact: According to Forrester Research, third parties were behind 21 percent of confirmed breaches in 2018, up from 17 percent the year before. Ongoing digital transformation initiatives, which often include rapid rollouts of connected IoT devices, increased cloud transformation, and more mobility deployments, continue to drive up the number and severity of risks posed by third parties.
“For a long time, we described threat intelligence as ‘going beyond the wall’ … providing a view of all threats developing outside the confines of an organization,” said Recorded Future CEO Christopher Ahlberg. “But that’s really just the first half of the story, and is not enough to protect a diverse ecosystem. We know that digital transformation is increasing cyber risk. We also know the only way to counteract this growing threat is to better understand how partner organizations impact our own threat landscapes.”
“Recorded Future’s Third-Party Risk module allows us to more efficiently manage changing exposure for our clients and partners, empowering them to act on threats before they become issues,” said John D. Loveland, global head of cyber security strategy at Verizon Enterprise Services.
“The importance of measuring and proactively addressing risk from third parties cannot be overstated,” said Matt Kodama, vice president of product at Recorded Future. “By analyzing real-time threat activity targeting third parties, in addition to third-party infrastructure and vulnerability data, we’re providing a more complete view of risk. This comprehensive outlook allows our clients to understand current weaknesses and evaluate the potential impact of emerging threats to their organization.”