Many organizations, including financial services, believe theirdigital transformation efforts have outpaced security capacity.Some 70% of the information security decision makers surveyed havemodest to no confidence in managing threats.

According to a recent IDG Connect research report, “The State ofEnterprise Digital Defense,” sponsored by San Francisco-baseddigital threat management firm RiskIQ, therewas a contradiction in effectiveness and likely investment comparedto incidents' actual consequence on organizations.

More than 80% of respondents held they had no to moderateconfidence in reducing their digital attack surface, expressing theleast confidence in threats against web, brand, and ecosystem. Thisdespite over 50% of respondents citing frequency and serious impactof malware, phishing, domain infringement, web scams, and roguemobile and brand abuse.

This illustrates the current landscape and extent of digitalthreats, as well as the application and maturity of defenses toprotect an organization's digital presence.

Financial services, manufacturing and the consumer-packagedgoods sector are the top investors in digital threat managementtools, but the general expenditure picture is very healthy amongall industries surveyed with 99.4% expected to increase spending ondigital threat management tools and services. Across the board, theexpected trend is up and the uptick quite significant.

“Businesses today are in the throes of digital transformationand are seeking to leverage their online presences to enrichproducts, deepen customer relationships and boost their brandecosystems,” the report revealed. “Cyberadversaries have gonedigital too, taking advantage of organizations' digital presencesand brands. Today, phishing, malware, domain infringement,malvertising (the use of online ads to spread malware), ransomware,malicious mobile apps, brand abuse and fake social posts are allprominent.”

There are accelerating threats that exist outside a company'sperimeter defenses and they affect businesses, customers and brandperceptions as well with more than 75% of enterprise securitybreaches due to external threat actors.

“Fraud and counterfeiting is a multi-stakeholder problem betweenbrand owners, technology companies providing monitoring services,and online marketplaces. Without a strong partnership, theseefforts tend to fail or degrade over time,” Darren Spruell, threatresearcher, RiskIQ, said. “Wesee domain infringement and brand abuse incidents of all types,many of which are used to sell counterfeit goods, which is abooming industry. But we also see phishing pages and scam sites forfake jobs, travel offers, software updates, and malwareattacks.”

While InfoSec investments have increased to protect the adoptionof various forms of cloud computing, security programs andresources are truly in catch-up mode when it comes to the defenseof an organization's external digital presence.

The research noted, “Today we are going through just such aninflection as organizations transform themselves via websites, appsand other digital means of online, connected engagement. However,it is a certainty that adversaries will try to capitalize on theseapproaches with plans to exploit trust in organizations' digitalpresence, brands and novelty of experience.”