What is Threat Monitoring
SecurityStudio recently announced adding a new feature to S2Me and S2Team called “Threat Monitoring”. It’s wrong to assume that everyone knows what threat monitoring is, so we put together a short article to explain. A threat, and the definition of “threat”, are best understood in context, and this is where we’ll start.
The key to managing risk is understanding risk.
The understanding of “risk” is critical to understanding the concept of information security, privacy, and personal safety. The meaning of risk is also very important to the meaning of threat(s) because they’re interrelated.
Risk is the likelihood of something bad happening combined with the impact of something bad happening.
The “something bad happening” is derived from threats and vulnerabilities. A threat is “a person or thing likely to cause damage or danger” and a vulnerability is a weakness (in protection). Threats, when applied to vulnerabilities, result in risks.
Do you see the relationship? It might be a little clearer when we substitute “something bad happening” in our risk definition. When we do, the definition of risk looks like this:
Risk is the likelihood of a (threat acting upon a vulnerability) combined with the impact of the (threat acting upon a vulnerability). Risks are difficult to predict, but there are many examples:
- The risk of a compromised bank account.
- The risk of ransomware.
- The risk of lost personal information.
- The risk of lost privacy.
The number of risks we face each day can be great, depending on many factors.
SecurityStudio’s threat monitoring is our method of monitoring threats (“person or thing”) that are likely to cause you damage or danger.
How SecurityStudio’s Threat Monitoring Works
Threat monitoring is an evolving science. Threats are always evolving, techniques to discover threats are always evolving, and SecurityStudio’s solutions are always evolving too.
This first version of our threat monitoring solution is simple and focused. We’re identifying data breaches and incidents where your account or personally identifiable information may have been compromised, then notifying you to take some action in response. We follow a simple four-step process:
- Discovery – SecurityStudio systems are constantly scouring multiple reputable online sources for data breach and incident-related information.
- Collection – We collect all the breach and incident information we find, compile it, and store it in our own localized data warehouse.
- Identification – Multiple times a day, we mine our data warehouse, searching for indicators of compromise related to you (and all other S2Me subscribers).
- Notification – If indicators of compromise related to you are discovered, we notify you immediately by email (if you’ve got the feature turned on) and post the information into your secure S2Me portal.
Display of Threat Monitoring in the S2Me Portal.
For S2Team, the same process is followed with one additional step: compilation of the information in the organization’s management dashboard for ease of management and response.
Display of Threat Monitoring in S2Team.
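To make the Identification and Notification steps (and the extra S2Team dashboard step) concrete, here is an added sketch in Python; it is not SecurityStudio's code. The keyed-hash matching, the field names, the key, and the sample breach and subscriber records are all assumptions constructed for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

INDEX_KEY = b"constructed-demo-key"  # assumption: secret held by the warehouse

def match_key(email: str) -> str:
    """Normalize an address, then HMAC it so the index holds no plain e-mails."""
    norm = email.strip().lower().encode("utf-8")
    return hmac.new(INDEX_KEY, norm, hashlib.sha256).hexdigest()

# Constructed sample data standing in for the Discovery/Collection output.
BREACHES = [
    {"breach": "ExampleForum", "exposed": ["email", "password"],
     "accounts": ["Alice@Example.com ", "bob@example.com"]},
    {"breach": "ExampleShop", "exposed": ["email"],
     "accounts": ["alice@example.com", "carol@example.org"]},
]
SUBSCRIBERS = [
    {"email": "alice@example.com", "org": "acme", "email_alerts": True},
    {"email": "Bob@example.com", "org": "acme", "email_alerts": False},
    {"email": "dave@example.net", "org": None, "email_alerts": True},
]

def build_index(breaches):
    """Collection: file every breach record under the keyed hash of each account."""
    index = defaultdict(list)
    for b in breaches:
        for acct in b["accounts"]:
            index[match_key(acct)].append(b)
    return index

def identify(subscribers, index, already_notified):
    """Identification + Notification for one scheduled run.

    Returns (portal_posts, emails, dashboard). already_notified persists
    between runs so a subscriber hears about a given breach only once.
    """
    portal, emails, dashboard = [], [], defaultdict(list)
    for s in subscribers:
        key = match_key(s["email"])
        for b in index.get(key, []):
            if (key, b["breach"]) in already_notified:
                continue
            already_notified.add((key, b["breach"]))
            portal.append((s["email"], b["breach"], b["exposed"]))  # always posted
            if s["email_alerts"]:            # e-mail only if the feature is on
                emails.append((s["email"], b["breach"]))
            if s["org"]:                     # S2Team: compile per organization
                dashboard[s["org"]].append((s["email"], b["breach"]))
    return portal, emails, dict(dashboard)
```

Because the job runs multiple times a day, the `already_notified` set is what keeps the second and later runs from repeating an alert.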
Everyone (but the bad guys) Benefits from Threat Monitoring
Everyone, except for members of remote tribes, has a digital identity. With a digital identity comes opportunity for an attacker to profit and risk for you to lose something of value. This applies to business leaders, employees, grandparents, parents, kids, and everyone in between.
S2Me Threat Monitoring is just one solution you should consider. There is no single source of all threat information.
Benefits for S2Me subscribers:
- Your digital identity is monitored constantly, so you can rest a little easier knowing that SecurityStudio’s team of cybersecurity experts is keeping an eye out for you.
- The data we compile is data you can trust; it comes from reputable sources and it’s validated before it ever reaches your inbox or portal.
- Your identity information is mathematically validated, reducing the chances of false alerts and cluttered inboxes.
- S2Me is free and always will be. There’s no catch, and you won’t be sold something you don’t need.
- Checklists keep track of whether you’ve read the threat information, and whether you’ve responded appropriately to the threat.
Benefits for S2Team subscribers:
Employees enjoy all the S2Me benefits (above), in addition to having trusted advisors (the organization’s information security team) to help, and the confidence in knowing nobody else sees their individual S2Me results.
Employers benefit from S2Team by:
- Knowing which employee accounts may have been compromised quickly enough to respond before damage is done.
- Receiving immediate notifications of relevant data breaches and incidents.
- Being able to use relevant data breach and incident information in more effective information security awareness and education campaigns.
- Fostering a closer partnership with the organization’s user community by showing goodwill and care about employee personal protection (at home, including family).
When You’re Notified of a New Threat
Don’t panic. You received a threat notification because we detected your personal information was probably involved in a data breach or incident, but NOT that your personal information was used (yet). In most cases, you have time to respond before damage is done.
The first step is to log into your S2Me account and go to the Threat Monitoring tab.
Here you will find all the data breaches and incidents we know about that concern you. Listed at the top will be the data breach or incident you were most recently notified about, along with additional information. In the example below, we may have received a notification about a data breach related to “Wattpad”.
A short description of the incident is provided along with the data that was compromised and your checklist of actions you should take. The two most common suggested actions are to “Read” the information (and check off that you have) and to change your password (checking off “Password Changed” when you have).
That may be all you need to do, especially if you’re following the other guidance provided in the S2Me personal information security risk assessment.
Do This Now
If you haven’t subscribed to SecurityStudio’s S2Me, do it now. S2Me is the standard personal information security risk management tool used by thousands of people across the globe, and it’s the only tool endorsed by state and local governments in the U.S. The free S2Me guides subscribers through a simple information security risk assessment across ten important topics:
- Household Desktop and Laptop Use
- Safe Practices for Internet Usage
- Choosing and Protecting Authentication
- Securing Mobile Devices
- Securing WiFi
- Secure Gateway
- Backing up Data
- Internet-of-Things (IoT) and Other Devices
- Physical Security
- Breach and Incident Response
A completed assessment results in your personal S2Score for tracking your progress as you follow recommendations and build better information security habits.
By default, Threat Monitoring will be turned on when you create your S2Me account and you’ll enjoy all the benefits.
Subscribe to SecurityStudio’s S2Team and deploy S2Me to all your employees and customers. Encouraging employees to protect themselves better at home is a welcome opportunity to foster information security collaboration by showing you care. The insights you gain into employee information security habits will become invaluable as you partner to make information security better for everyone.
There’s no better way to secure the remote workplace than by motivating employees to secure their homes and families better.
Loyal customers expect loyalty in return. Organizations, in growing numbers, are providing S2Me to customers and encouraging their customers to protect themselves better. The organization benefits by demonstrating loyalty and, depending upon the type of business, from reduced loss.
The Future of S2Me and S2Team Threat Monitoring
This is just the beginning of what SecurityStudio has in mind to improve information security and threat monitoring for everyday people. This first version of Threat Monitoring uses technology and techniques that have been in the marketplace for a while, but now that we’ve established a solid base to work from, we can truly innovate!
- Improving our current threat monitoring model to correlate detected attacker activities beyond the original incident.
- Monitoring threats related to physical location.
- Monitoring threats related to social media account usage and security.
- Monitoring threats related to specific systems and devices in use.
- Integration with other live Internet activity feeds for more relevance and focus.
Stay connected to SecurityStudio to learn about our latest news!
At SecurityStudio, we are 100% committed to our mission. Our mission is to fix the broken information security industry by focusing our efforts first on where they’re most needed. Our mission always comes first. #MissionBeforeMoney