New or developing issues in brand protection demand that firms work with others to protect their brand integrity. These partnerships can encounter challenges in initial formation, problem identification and strategy development, and managing relationship dynamics. But, once they are established, partners learn how to deploy a common strategy and how to execute it throughout the partnership lifecycle.
Partnerships in brand protection are internal and external. Internal partnerships between production team, sales and marketing, cyber security and risk management, enables the business to have a unified risk management strategy on identification and mitigation of risks. This includes process, technology and resources in:
- Documentation of current product’s features and attributes in details such as; shape, colour codes, logos, size, smell, etc. This helps in identification of counterfeited products when necessary
- Documentation of current authorised resellers, their contact details, authorised resell territories and a list of products they are authorised to resell. This will be absolutely helpful in identifying any unauthorised resellers in different regions and countries.
- Documentation of all domains and subdomains, including their certificate details. This helps in identification of any potential vulnerabilities that could result in successful attacks such as: defacement, takeover or any certificate related attacks, etc.
- Information gathering on customer sentiments across various social media platforms, forums and blogs. This requires some intelligence gathering tools and resources to automate the process with key words or logos.
- Information gathering on any impersonating websites or social media pages that are trying to either use those means for Phishing, impersonating any of the VIP staff, or may advertise fake, wrong or malicious details. Again, this needs some threat intelligence tools and resources to automate the process and have it running continuously.
- External cyber exposure management. This includes:
- Any external facing domains and subdomains’ vulnerabilities
- Certificate trust chain’s management
- Dark web monitoring for any leaked data or compromised credentials
- External IPs and ports’ vulnerabilities
- Externally available cloud storages’ vulnerabilities
- Email security and vulnerabilities including DMARC, DKIM and SPF records
- Exposed internal applications and APIs
External partnerships are featuring industry and government/law enforcement. Each one of these have to work together in order to deliver the best outcomes. Partnerships can provide a means for organizations to improve their efforts. Partnerships can also help in formulating and answering questions such as those regarding latest trends, future directions and challenges, and the best way to meet them.
External partnerships can also provide automated processes in response actions when required, such as take down of Phishing sites or fake/impersonating social media accounts and pages. It can also include having the legal actions pre-planned as per playbooks to avoid un-necessary delays in response time. Among these external partnership industry expert services can provide huge benefits in automation and continuous assessment of risks. As an example CyberDNA , as one of the leaders in brand protection offers several capabilities in detection, alerting and mitigation of brand risks.
In terms of counterfeited product risks, collecting, storing, and sharing information as appropriate can boost anti-counterfeiting efforts. The biggest challenge in response actions is getting other investigative agencies to pursue these crimes, as a lot of these investigations that go into counterfeit products, end up with a money laundering charge or some other financial crimes that are of concern to other agencies.
Brands need a structure for data collection that provides a view of product
counterfeiting without being too generic for specific industry insights. As an example, in order to identify a counterfeited coat, having only size, colour or type will not be sufficient. Details matter in these investigations. Public records, if gathered systematically, can offer such insights, though these provide more information in some industries (e.g., health) than others.
Public-private partnerships work best when both parties commit to quick response time. Such
partnerships can also take time to develop and function most efficiently.
If you would like to know how CyberDNA can help, please contact us here.