Digital risk protection in 2018: New vendors, new leaders, new wave

Here are the capabilities that security and risk professionals should prioritize when selecting a Digital Risk Protection solution.
Written by Forrester Research, Contributor

Video: Facing the unique challenges of a ransomware attack

In Forrester's "New Tech: Digital Risk Protection, Q2 2018" report released this past quarter, we found that VC funding from 2015 to 2017 eclipsed $400 million for digital risk protection (DRP) vendors (see below figure). Investor action has continued in 2018, with over $50 million committed to included vendors in the first six months, including Blueliv (Series A), CyberInt (Series B), IntSights (Series C), and Social SafeGuard (Series B).

Also: What is digital transformation? Everything you need to know

(Image: Forrester)

Choosing A Digital Risk Protection Solution

Most buyers (77 percent) are purchasing DRP tools as net-new solutions for their organizations (as opposed to replacing an existing capability). They're adding DRP to their existing security technology stacks to better tackle digital risk activities -- namely, to improve their external digital risk visibility and to streamline the ensuing remediation.

Also: 10 vendors enabling digital transformation in retail

In our research, we found that certain DRP capabilities are more differentiated than others. For security and risk pros launching a new vendor selection campaign, set your priorities with the following capability areas in mind:

  • Footprint mapping and visualization. Capabilities to identify, link, and maintain an accurate profile of your externally accessible digital domains, assets, apps, and accounts, as well as their relevant attributes and metadata.
  • Digital risk reconnaissance. Capabilities to collect, scan, and analyze data from a wide variety of deep and dark digital channels. Depending on where you need visibility, you might elevate certain domains over others, such as social media intelligence or dark web recon.
  • Takedowns and remediation. Consistently a top need for DRP users is support for the necessary response and remediation of digital risk events -- either automated or facilitated via analysts as a managed service. For well-orchestrated automation, breadth of security technology integrations and partnerships is critical.
  • Use-case support for brand security, VIP protection, and PII discovery. Customers cite at least one of these three objectives as a core way they use their DRP solution: Protect our brand, our people, and our data (online).

-- By Nick Hayes, senior analyst

Read the full report, "The Forrester New Wave™: Digital Risk Protection, Q3 2018," to see where vendors stand out and which ones better map to your needs [subscription required].

This post originally appeared here.

These are 2018's biggest hacks, leaks, and data breaches

Previous and related coverage:

Digital transformation: Why the future is looking bright for CIOs

https://www.zdnet.com/article/digital-transformation-why-the-future-is-looking-bright-for-cios/CIO Strategies: Digital transformation projects and the need to spread the use of technology throughout organisations is good news for tech chiefs.

How to manage vendors in a cloud-first world

https://www.zdnet.com/article/how-to-manage-vendors-in-a-cloud-first-world/The spread of services available via major cloud platforms means that businesses need to find new ways of managing a broad spectrum of vendors.

Editorial standards