We recently published our Forrester Wave™: Digital Risk Monitoring, Q3 2016 report. We evaluate nine of the top vendors in this emerging market that offer solutions to continuously monitor “digital” — i.e., social, mobile, web, and dark web — channels to detect, prevent, and mitigate any type of risk event posing a threat to organizations today.


Why now

It’s almost 2017 and yet companies are more exposed and less equipped to handle the slew of risks that run rampant across countless digital channels today. Digital risk monitoring (DRM) solutions are increasingly valuable for organizations because:

  • Digital channels are now ground zero for cyber, brand, and even physical attacks. Cybercriminals use a variety of tactics to weaponize social media, impersonate or embed malware into mobile apps, deface websites, collude in dark channels, and cause financial, reputational, or physical harm. Digital risk monitoring tools combat these methods by deploying a variety of data-gathering and advanced risk analysis techniques. They aggregate data via open-source intelligence (OSINT), technical intelligence (TECHINT), human intelligence (HUMINT), and even covert human intelligence (CHIS). Then they analyze the collected data with data classifiers, machine learning, and risk scoring algorithms to determine the most likely and most threatening risk events in a quick and efficient manner.
  • Firms’ digital footprints are more prominent (and precarious). For the US alone, digital marketing spend will top $100 billion by 2019. Beyond deliberate marketing budgets, there’s an endless stream of associated digital assets, accounts, apps, and affiliations that enhance the company’s brand and reputation. As firms’ digital brand value grows, so do related risks and threats to it. The FBI cited that social media-related cybercrime had quadrupled in the past five years, while brand hijacking, promotional scams, malware distribution, and account hacks of both brands and key executives (e.g., the Twitter and Pinterest accounts for Facebook CEO Mark Zuckerberg) increasingly bombard the brand.
  • DRM solutions offer unique security and risk features, strategic relationships, and acumen. Beyond risk intelligence and analytics, DRM solutions safeguard digital assets through automated controls that protect and lockdown accounts when suspicious activity is detected. They build strategic relationships with some of the major digital channels, such as Facebook, LinkedIn, eBay, ISPs, registry operators, etc., to ensure that when an issue arises, it’s identified and taken down as quickly as possible. Moreover, these vendors are staffed with experienced subject matter experts who help configure monitoring results and conduct deeper cyber-investigations when necessary.

What you should do

The digital risk monitoring vendor market is still emerging, but the related risks and threats are already well-established, plaguing organizations across every industry and region. To combat these threats and build a more effective approach to managing digital risk, you need to:

  • Identify your firm’s biggest digital risks and its most glaring blind spots. Do you know how many accounts, apps, sites, etc. are associated with your company’s core brand, along with its sub-brands, products, local divisions, and key personnel? If your estimate doesn’t hit the high-hundreds, then you likely have some major visibility gaps. Beyond your brand-owned assets, what other digital channels do you regularly monitor for other risk events (e.g., doxxing, counterfeit sales, or conversations disclosing strategic plans, intellectual property, or serious compliance violations)? Build out this type of digital risk catalogue to determine how to prioritize your resources and the controls necessary to protect them.
  • Read our Wave report and download the tool to select the best DRM solutions for you. In our 27-criteria Wave evaluation, we assess the key features and functionality that differentiate nine of the top digital risk monitoring vendors in the market today (listed in alphabetical order): BrandProtect, Crisp Thinking, Digital Shadows, DigitalStakeout, ListenLogic, LookingGlass, Proofpoint, RiskIQ, and ZeroFOX. Use the report and accompanying tool to determine which vendor is right for your organization.
  • Prepare for a more chaotic digital risk future. It’s easy to forget how quickly digital disruption has altered our world already, but let me offer you one data point: daily smartphone usage more than doubled from 2013 to 2015, rising from 58 minutes to 126 minutes (in only two years)! We’re just beginning to grapple with this new mobile reality, meanwhile the pace of change continues to pick up, and so will the associated digital risks. Regardless, whether it’s digital risks associated with visual analytics and image recognition, early applications of augmented reality like Pokémon Go, or AI bots mimicking real human behavior – digital innovation and digital risks will go hand in hand.


Finally, be sure to connect with me @nickhayes10! Tweet me questions, feedback, arguments… And answer one of these questions:

  1. Which do you prefer for digital risk monitoring: a) a managed service, or b) a tool you can configure yourself?
  2. What’s one digital risk monitoring feature that you desperately want (added or improved)?
  3. What digital risk research would you like to see next?