#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Energy and Utilities Firm Increases Productivity by Reducing False Positives
1. Use Case
Energy & Utilities Firm Increases Productivity by Reducing False Positives
www.digitalshadows.com
An energy & utilities organization faced budget pressures
and purchased another firm’s threat intelligence and risk
monitoring service based on its lowest price bid. Once
their service went live, the utility company’s security
team was soon overwhelmed by “alert fatigue” and raw
incidents with high false positives that required 4+ hours
of daily triage – time that could be better spent on more
important initiatives. After a short time, the organization
became frustrated with their experience of the low-cost
firm and transitioned to Digital Shadows SearchLight™
due to its breadth of coverage, analyst team and relevant threat intelligence that verifies every incident,
enabling better productivity and offering a speedy return on investment. The energy client views Digital
Shadows as an extension of their internal team.
U.S. Headquarters
Digital Shadows, Inc.
332 Pine Street, Suite 600
San Francisco, CA 94104
North American Intelligence Operations Hub
5307 E. Mockingbird Ln.
Suite 915
Dallas, TX 75206
UK Headquarters
Digital Shadows, Ltd.
Level 39
One Canada Square
London E14 5AB
Overview
A global mobile telecommunications firm uncovered sensitive
data exposed on the dark web. The leaked data included name,
address, email address, mobile subscriber data, mobile phone
number and date of birth, which was comprehensive enough
that financially motivated threat actors could use it to create
fraudulent identities and make bogus online purchases.
Although the leaked data was several years old, the telecom
operator was concerned about its brand reputation, maintaining
customer loyalty and avoiding large regulatory fines.
Telecom Firm Uncovers Sensitive
Customer Credentials Online
Digital Shadows SearchLightTM
How We Mitigated the Risk
Risk Detected
Digital Shadows SearchLightTM
detected leaked information on thousands of mobile
customers on the dark web where criminals often post stolen credentials and credit cards
for sale. Credential dumps from online criminal forums typically signal that a data breach
has already occured.
Analyst Reviews and Adds Context
Digital Shadows analysts investigated further and validated that the credentials belonged
to the telecom sector. The telecom operator was immediately notified about the leaked
credentials, provided with context about the incident and given recommended next steps
to mitigate the risk.
Risk Managed
Upon receiving the incident, the telecom operator took swift action to research and contain
the data exposure in order to prevent further cybercrime and credential theft. The telecom
operator notified its customers, taking a proactive approach to data security and risk
management. Digital Shadows continued to monitor data sources like criminal forums for
further indicators of data leakage.
Data Exposure Use Case
Telecom Industry
About Digital Shadows
Digital Shadows monitors, manages and remediates digital risk
across the widest range of data sources within the open, deep, and
dark web to protect an organization’s business, brand and reputation. www.digitalshadows.com
info@digitalshadows.com
+1-888-889-4143 | +44 203 393 7001
J17
About Digital Shadows
Digital Shadows enables organizations to manage digital risk by identifying and eliminating threats to their business
and brand. We monitor for digital risk across the broadest range of data sources within the open, deep and dark web
to deliver tailored threat intelligence, context and actionable remediation options that enable security teams to be
more effective and efficient. Our clients can focus on growing their core business knowing that they are protected if
their data is exposed, employees and third parties put them at risk, or their brand is being misused. To learn more,
visit www.digitalshadows.com.
Email: info@digitalshadows.com
U.S. Headquarters
Widest Collection of Sources
SearchLight monitors for data exposure across the widest
range of sources, within the open, deep and dark web.
No stone is left unturned.
Tailored and Targeted Collection
A register of key assets that uniquely define your organization
and your subsidiaries drives our intelligence machinery.
Why Digital Shadows Get Started
For more information on
Digital Shadows SearchLightTM
and
how we can help protect your
organization from Data Exposure,
please contact us
Visit www.digitalshadows.com
for more information
Call us at US 1-800-889-4143
UK +44 (0)203 393 7001
Email info@digitalshadows.com
Analyst
Added Context
Digital Shadows
intelligence analysts
investigate and add
context, impact and
recommended action.
Asset Registration
Organizations register
their company assets
with Digital Shadows,
including code samples,
document markings and
email footers.
Explore View
Organizations can view
the credential exposure
at a strategic level,
identifying trends over
time.
Mitigation Options
Each incident comes with a severity level and mitigation
options. We also offer Managed Takedown Service, which
provides end-to-end management for shutting down
malicious activity and offloading this time consuming task
from your team.
About Digital Shadows Digital Shadows monitors and manages digital risk across the widest range of data sources
within the open, deep and dark web to protect an organization’s business, brand and
reputation. The Digital Shadows SearchLightTM
service combines scalable data analytics with
intelligence analysts to manage and mitigate risks of an organization’s cyber threat, data
exposure, brand exposure, VIP exposure, infrastructure exposure, physical threat, and third
party risk, and create an up-to-the-minute view of an organization’s digital risk with tailored
threat intelligence. The company is jointly headquartered in London and San Francisco.
For more information, visit www.digitalshadows.com.
Data Exposure Example
Call us at 1-888-889-4143
UK +44 (0)203 393 7001
U.S. Headquarters
Digital Shadows, Inc. North American Intelligence Operations Hub
UK Headquarters
Widest Collection of Sources
SearchLight monitors for data exposure across the widest
range of sources, within the open, deep and dark web.
No stone is left unturned.
Tailored and Targeted Collection
A register of key assets that uniquely define your organization
and your subsidiaries drives our intelligence machinery.
Why Digital Shadows Get Started
For more information on
Digital Shadows SearchLightTM
and
how we can help protect your
organization from Data Exposure,
please contact us
Visit www.digitalshadows.com
for more information
Call us at US 1-800-889-4143
UK +44 (0)203 393 7001
Email info@digitalshadows.com
Analyst
Added Context
Digital Shadows
intelligence analysts
investigate and add
context, impact and
recommended action.
Asset Registration
Organizations register
their company assets
with Digital Shadows,
including code samples,
document markings and
email footers.
Explore View
Organizations can view
the credential exposure
at a strategic level,
identifying trends over
time.
Mitigation Options
Each incident comes with a severity level and mitigation
options. We also offer Managed Takedown Service, which
provides end-to-end management for shutting down
malicious activity and offloading this time consuming task
from your team.
About Digital Shadows Digital Shadows monitors and manages digital risk across the widest range of data sources
within the open, deep and dark web to protect an organization’s business, brand and
reputation. The Digital Shadows SearchLightTM
service combines scalable data analytics with
intelligence analysts to manage and mitigate risks of an organization’s cyber threat, data
exposure, brand exposure, VIP exposure, infrastructure exposure, physical threat, and third
party risk, and create an up-to-the-minute view of an organization’s digital risk with tailored
threat intelligence. The company is jointly headquartered in London and San Francisco.
For more information, visit www.digitalshadows.com.
Data Exposure Example
www.digitalshadows.com
U.S. Headquarters
Digital Shadows, Inc.
332 Pine Street, Suite 600
San Francisco, CA 94104
North American Intelligence Operations Hub
5307 E. Mockingbird Ln.
Suite 915
UK Headquarters
Digital Shadows, Ltd.
Level 39
One Canada Square
Widest Collection of Sources
SearchLight monitors for data exposure across the widest
range of sources, within the open, deep and dark web.
No stone is left unturned.
Tailored and Targeted Collection
A register of key assets that uniquely define your organization
and your subsidiaries drives our intelligence machinery.
Why Digital Shadows Get Started
For more information on
Digital Shadows SearchLightTM
and
how we can help protect your
organization from Data Exposure,
please contact us
Visit www.digitalshadows.com
for more information
Call us at US 1-800-889-4143
UK +44 (0)203 393 7001
Email info@digitalshadows.com
Analyst
Added Context
Digital Shadows
intelligence analysts
investigate and add
context, impact and
recommended action.
Asset Registration
Organizations register
their company assets
with Digital Shadows,
including code samples,
document markings and
email footers.
Explore View
Organizations can view
the credential exposure
at a strategic level,
identifying trends over
time.
Mitigation Options
Each incident comes with a severity level and mitigation
options. We also offer Managed Takedown Service, which
provides end-to-end management for shutting down
malicious activity and offloading this time consuming task
from your team.
About Digital Shadows Digital Shadows monitors and manages digital risk across the widest range of data sources
within the open, deep and dark web to protect an organization’s business, brand and
reputation. The Digital Shadows SearchLightTM
service combines scalable data analytics with
intelligence analysts to manage and mitigate risks of an organization’s cyber threat, data
exposure, brand exposure, VIP exposure, infrastructure exposure, physical threat, and third
party risk, and create an up-to-the-minute view of an organization’s digital risk with tailored
threat intelligence. The company is jointly headquartered in London and San Francisco.
For more information, visit www.digitalshadows.com.
Data Exposure Example
Digital Shadows SearchLight™ How We Mitigate the Challenge of False Positives
Our team tailors threat intelligence to each specific client’s strategic priorities and asset data collection. Although we
analyze the broadest range of sources across the open, deep and dark web to provide a comprehensive view of digital
risk, it’s all about filtering incidents to minimize false positives so that security teams don’t have to spend unnecessary
time researching raw incidents and thereby enable clients to focus on the areas of highest risk.
Challenge Identified
Analysts Review and Prioritize Incidents
We focus on meaningful incidents and not just raw data. Digital Shadows SearchLight™ incidents are all analyst
verified, providing added context and ranking based on urgency, vastly reducing false positives. We offload the tedious
work to help our clients improve visibility and incident management. As an example, Digital Shadows filters duplicate
compromised credentials that are posted and re-posted across the dark web by threat actors after we have already
notified clients of first detection.
Challenge Managed
We enable organizations to focus on what matters most to them while simplifying incident response and SOC
management. Our energy & utilities client found that saving 4+ hours of daily security investigation by their team,
seven days a week, was incredibly valuable and made the investment in Digital Shadows SearchLight™ an easy
decision. The client was now able to focus increased attention on relevant threats, security awareness training, patch
management and regulatory compliance efforts.