Health Insurer Detects External Threats
Health Insurer Detects External Threats
This Fortune 100 U.S.-based insurance company sells consumer-directed as well as traditional health care insurance plans and related services—including medical, dental, behavioral health, long-term care and more. Recognized as a forward-thinking leader in health insurance, the customer strongly believes in health information technology and heavily invests in rich online resources for consumers and health care providers alike.
After a series of global acquisitions, the customer had consequently inherited sizeable collections of digital assets. These assets were rolled into the customer’s vast digital footprint— the customer’s entire collection of websites, mobile apps, social media profiles, landing pages, portals, forms and more—without security program review. The Chief Information Security Officer (CISO) needed to ensure that assets were in compliance with company standards and regulations including the Health Insurance Portability and Accountability Act (HIPPA).
Challenge: Digital Asset Discovery and Inventory
The CISO’s initial goal was to centralize control of the company’s digital assets. However, these assets existed in siloed environments, and various departmental groups within the company controlled the assets. Gathering an accurate, complete inventory would be a daunting task, given the number of unknown digital assets acquired and the security group’s lack of visibility.
Challenge: Social Media Brand Abuse
The CISO’s other challenge was the abuse of the company’s brand in social media. Threat actors misrepresented themselves as company agents and provided false or misleading information about the company. Moreover, social media was increasingly used to access the company’s customers’ personally identifiable information (PII) through false means. Given the volume and speed of all posts and updates, social media brand abuse is difficult to police.
The RiskIQ Digital Footprint solution continuously discovers, indexes and manages Internet assets from the outside-in. With RiskIQ Digital Footprint, the insurance company’s CISO centralized control of all web, mobile and social assets—enabling the security team to respond quickly to external threats and take control of assets outside its firewall. With a dynamic index of the web attack surface, the customer’s security team quickly brought unknown or shadow IT assets under management and moved quickly to eliminate rogues. The customer now has the technology and support needed to make accurate, strategic risk management decisions to support web, mobile and social properties and to eliminate threats to customers, employees and the organization.
The RiskIQ for mobile platform gives us new visibility into a landscape that lacks conventional sensors. They are helping us manage disruptive technologies that are essential in delivering a forward-thinking customer interaction.
RiskIQ finds an average of 2,000 events per week that indicate some level of vulnerability or abuse of the insurance company’s web pages, mobile apps or brand reputation. This intelligence enables the customer to order take-downs of copycat applications and web pages, address vulnerabilities in application code, and protect against illicit domains from abusing the customer’s brand and trademark information.
For the customer, the threat of rogue assets was most present in mobile. RiskIQ discovered that third-party app developers were creating mobile apps designed to look, act and feel like they were authored by the customer. The intent was to install software on users’ devices to generate revenue from unsolicited digital ads. The customer recognized these apps could be very dangerous if sensitive information were shared.
Finally, RiskIQ leads monitoring for cases of domain infringement, in which a cybersquatter obtains Internet domain names that are identical or confusingly similar to the insurance company’s mark. Domain names routinely infringe on trademarks, resulting in confusion, a poor customer experience and harm to the customer’s brand. Domain infringement is no longer a concern with RiskIQ watching over the customer’s domain names.