Digital Risk Protection vs. Threat Intelligence

Digital Risk Protection (DRP) remains important and is receiving increasing attention from CISOs and security experts. The DRP, an operational security device previously classified as Threat Intelligence (TI), has been enhanced as a new security device through Gartner’s hype cycle research and other analytical studies that security teams rely on when investigating multiple external cyber threats. Many businesses enjoy the benefits of DRP every day, but for those who don’t, read on to find out what DRP is, how it differs from IT and how it can help you protect your digital assets from outside threats.

According to
Gartner, DRP solutions are experiencing significant growth, supported by a wide range of essential threat detection and response services. Gartner predicts that by 2025 the target group for digital risk protection services will increase from 1% today to 10%.
[i] This is mainly due to the effectiveness of the DRP in accelerating both the breadth and depth of digital assets against a variety of external threats. Although acceptance of BDS continues to grow, there is still some market convergence between BDS and IT and areas where companies should focus.

Why protect against digital risks?

DRP is a business process that combines the recognition, detection and control of attacks in an external digital environment. While traditional IT gathers information with the resulting endpoints to protect internal resources from external threats, DRP focuses on the immediate identification and mitigation of threats targeting corporate assets beyond the security boundaries of your network. It’s your first line of defense for monitoring and removing similar domains, preventing malicious account hijacking, protecting the reputation and integrity of your brand and executives, monitoring and protecting against social network threats, and detecting data breaches.

Effective DRP requires a combination of advanced automated data collection and processing technologies, combined with expert human analysis, to quickly tap into the vast amount of information needed to find and eliminate threats that can harm your business. This operational approach makes it possible to quickly identify and mitigate threats to the sustainability of companies.

DRP stops the bleeding, TI informs the security programs.

While DRP detects and mitigates active external threats to help organizations quickly stop the bleeding, TI focuses on a methodical process of intelligence gathering to anticipate threats and prevent internal resources from being compromised. It involves the collection and analysis of large amounts of data over a long period of time in order to take strategic decisions.

TI includes investigative procedures to determine the overall impact and severity of potential security threats to businesses. The goal is to plan and assess the overall landscape of the organization in order to anticipate potential threats and allocate resources to ensure optimal security. Typical applications include incident response planning, developing security assessments and dashboards to rank threats and determine an organization’s readiness to counter threats, strategically prioritizing threats, and assessing the vulnerable area of enterprise attacks to reduce the total unprotected area.

While this process is careful and time consuming, it helps organizations through their vision, capacity and scale to identify and ultimately mitigate threats in real time. But while TI helps identify the threat universe, TI is a partial solution that requires additional investment in security and program maturity to mitigate threats and generate revenue.

So, what happens first?

As the evolution of cyber threats puts pressure on security budgets for an ever wider range of threats, it is clear that security teams are constantly trying to decide how best to protect their organizations. While best practices suggest that DRP and IT should ultimately coexist as complementary processes for an integrated security programme, organisations should first weigh their strategic and operational security needs and threat landscape against the scale, severity and risk of the cyber threats they face on a daily basis to best determine the direction and scope of their investments.

Traditional IT helps identify strategic threats that may become potentially dangerous to the organization over time, but are not optimized to effectively address and mitigate active external threats. Digital Risk Protection is a flexible, adaptable and rapidly deployable end-to-end solution that focuses on quickly identifying and mitigating external threats.

An additional advantage of DRP is that it does not depend on the duration of your security program or the size of your company. In fact, depending on the severity of your individual threats, DRP is flexible enough to combine protections as needed over time and to continuously add functionality as your security strategy evolves, reducing access costs and making it easier to combat external threats. Organizations of all sizes, maturity levels, and security levels can quickly take advantage of DRP, regardless of the unique external threats they are trying to combat. Read more about
PhishLabs digital risk protection.

Gartner, New Technologies: 1. Critical overview of digital risk protection services, 2. Critical overview of digital risk protection services, 3. Critical overview of digital risk protection services. July 2020, Ruggero Contu and Elizabeth Kim.

Additional resources :

*** This is the syndicated network of PhishLabs blog security bloggers written by John LaCourt. You can read the original announcement at

Related Tags: