Armand here, RPost’s armadillo product evangelist. I’ve been tracking risk over the last many months and one area that we’re seeing CIOs and CISOs overlooking is Third-Party risk.
Information protection just became more urgent and more complex. Think of some of the recent major cybercriminal threats and insider leaks. These are third parties that can cause chaos to YOUR organization – vendor email compromise, advisor, client, staffing, and supplier impersonations, and more.
Imagine you close a large deal, the client signs the purchase order, a cybercriminal has compromised an advisor or client email account so they are privy to the deal closing, and then the cybercriminal sends a perfectly contextual invoice with the deal points (right price, product names, terms, etc.) but has alternate electronic bank payment details. Even before your team sends the invoice for the BIG DEAL, they have already paid the money to the cybercriminal.
There are so many iterations of this that we cannot explain all of them here. But remember, the sophistication is powered-up. Major eSignature vendors, email security gateway companies and other technology service providers have been in the news due to THEIR systems being compromised, causing YOU risk associated with your data, clients and transactions. In the eSignature vendor example, cybercriminals have access to their API and are sending the above-mentioned invoices via that vendor’s platform to mimic the impersonated brand and also the underlying deliverability security checks like DKIM.
Think of the cybercriminal eavesdropping tactics employed in the largest (by far) cybercriminal espionage, data exfiltration, and eavesdropping campaign ever, run by the reported to be a Chinese-sponsored Salt Typhoon cybercriminal cabal. The criminals are able to see the context and strategies of organizations they want to target, by breaching YOUR third-party telecommunications provider.
Many security gurus in organizations are hyper-focused on first-party risk - protecting outsiders from targeting your or your clients’ staff on inbound email. Some are also now focusing on second-party risk - your or your clients’ staff sending messages to others inside the organization.
But there is a new vector that cybercriminals have exposed – the third-party risk that often stems from external clients outside your secure perimeter who often don’t have the same security resources as large entities.
More examples: Your or your clients’ vendors. Supply chains have become a focal point for cyberattacks. Vendor email compromise - an emerging attack genre - involves threat actors infiltrating business communications between trusted partners to steal data or money, or simply cause havoc.
And when they get compromised, YOUR or YOUR CLIENTS’ content gets exposed in THEIR email or file systems, which is a huge risk.
RPost uniquely solves this. While you or your clients’ may have solutions for mitigating risk on INBOUND email, RPost tackles an open risk that other security systems don’t consider. Our tech lets you SEE what you cannot currently SEE - cybercriminals actively looking at YOUR content leaks on the OUTBOUND message path, where these crimes are staged.
Central is RPost’s core Eavesdropping™ AI that can detect when a cybercriminal or threat actor is actively eavesdropping on communications, transactions, or documents (a) in a compromised email account - internal or at a third-party, (b) being sent to an impersonator receiving replies to lookalike domain email, and/or (c) being sent from an insider that has either accidentally or maliciously leaked sensitive information.
Once the leak has been identified --- even if outside of one’s controlled network --- RPost’s AI Auto-Lock™ tech then automatically auto-locks the exfiltrated or compromised sensitive documents.
Third-party risk is a big issue right now when it comes to leaks that provide cybercriminals contextual content to power up their GenAI-infused financial crime.
Contact RPost to see and counter insider threats, leaks, and cybercriminals interacting with an organization’s content in unexpected ways.
December 19, 2024
December 13, 2024
December 09, 2024
December 03, 2024
November 29, 2024
Blog