Searchlight Cyber, the dark web intelligence company, today published the results of a study with the Marsh McLennan Cyber Risk Intelligence Center, which shows that the presence of any data relating to an organization on the dark web demonstrably increases its risk of a cyberattack. To coincide with the study, Searchlight has also launched a supporting Dark Web Risk Report, which is a free resource that organizations can use to view their dark web exposure and the corresponding risk, based on an analysis conducted by the Cyber Risk Intelligence Center.
CyberTech News: Bitdefender Launches First Proactive Hardening (PHASR) Tech
“Our analysis of the dark web intelligence market found that this dataset is highly correlated with cyber insurance loss frequency and that external threat factors are correlated with cybersecurity incident frequency.”
The Center analyzed Searchlight’s dark web dataset against a sample of 9,410 organizations with an overall breach rate of 3.7 percent from 2020 to 2023 to determine whether there was a correlation between data breaches and findings on the dark web in the year before the incident. The study – The Correlation Between Dark Web Exposure and Cybersecurity Risk – found that all nine of Searchlight’s dark web intelligence sources are correlated to increased cybersecurity risk:
Intelligence Source | Increased Likelihood of a Cyber Incident | |
Compromised Users | Compromised accounts on the dark web related to an organization. | 2.56x |
Dark Web Market Listings | The mention of the organization or data related to the organization on a dark web market. | 2.41x |
Outgoing Dark Web Traffic | Traffic originating from the organization’s network and connecting to the dark web. | 2.11x |
OSINT Results | Assets related to an organization that have been identified on the dark web. | 2.05x |
Paste Results | The mention of an organization or data related to an organization on plain-text repositories. | 1.88x |
Telegram Chats | The mention of the organization or data related to the organization on Telegram | 1.75x |
Incoming Dark Web Traffic | Traffic originating from the dark web and connecting to an organization’s infrastructure. | 1.63x |
Forum Posts | The mention of the organization or data related to the organization on a dark web forum. | 1.58x |
Dark Web Pages | The mention of an organization or data related to an organization on a dark web site. | 1.29x |
The study also included a multi-variable analysis, which showed that combining multiple dark web sources provides a stronger indication of increased cyber risk. Paste Results, OSINT Results, and Dark Web Market Listings were found to be the most correlated to cyber insurance loss frequency in conjunction with other factors.
Ben Jones, Co-Founder and CEO of Searchlight Cyber commented: “The core finding of Marsh McLennan’s analysis is that any data related to your organization on the dark web is highly correlated with your chance of a cyberattack. Cybercriminals plan their attacks on dark web forums, marketplaces, and in hidden communication channels, and the study has quantified the risk of each of these areas of dark web exposure for the first time.
“If security teams can identify their exposure on the dark web they have a huge opportunity to proactively act, adjust their defenses, and effectively stop attacks before they are launched by cybercriminals. The first step is to gain visibility: to understand where the threat on the dark web is coming from, where the organization is being targeted, and continuously monitor to give themselves the best chance of identifying and stopping a cybersecurity incident.”
Following the study, Searchlight and the Marsh McLennan Cyber Risk Intelligence Center will collaborate to help organizations unlock the value of dark web intelligence in determining and mitigating the risks against their business.
Scott Stransky, Managing Director and Head of the Marsh McLennan Cyber Risk Intelligence Center, said:
“Historically the insurance industry has focused on data from within an organization, such as questionnaires, along with outside-in technographic scans for determining cybersecurity risk. While this data is extremely valuable, ignoring dark web factors external to the organization’s network leaves the industry with a blind spot around who could be targeting the organizations they insure and the resources those cybercriminals possess to execute their attacks.
CyberTech News: AuditBoard and Protiviti Strengthen Alliance for Japan’s Internal Audits
“Our analysis of the dark web intelligence market found that this dataset is highly correlated with cyber insurance loss frequency and that external threat factors are correlated with cybersecurity incident frequency.”
To share your insights, please write to us at news@intentamplify.com
Source: businesswire