Press Releases

It’s been quite a year. Along with adapting to a pandemic that shut the world inside and brought on a seismic shift in social norms, more people than ever are working from home. A YouGov survey of global office workers commissioned by the new security platform HP Wolf Security shows that 82% of respondents are working from home more since the start of the pandemic, with some 23% expecting to work from home most of the time even after we “return to normal” (whatever that is).

Which means that hundreds of millions of us are tapping into our employee networks through work-distributed laptops, sure, but also with our personal devices. Not just that, but we’re letting our kids use them for school, for gaming, for streaming content (and we’re often guilty of doing the same!). According to the recent Blurred Lines and Blindspots report by HP on work styles, 76% of office workers say that working from home during COVID-19 has thinned the barrier between their personal and professional lives. Half of remote office workers say they now see their work device as their own personal device, with 46% admitting to using their work laptop for “life admin”; 30% say they have let someone else use their work device. Meanwhile, 69% of office workers have used their personal laptop or printer for work tasks and activities since the start of the pandemic.

This all amounts to your basic nightmare for IT decision-makers (ITDMs), who stand at the front lines of cyberattacks.

“Users are the point of entry for most attacks—that’s why endpoints account for 70% of successful breaches, with malware almost always being delivered via email attachments, web links, and downloadable files,” says Ian Pratt, Global Head of Security Personal Systems at HP. “Phishing is of particular concern, with attackers using new techniques such as AI-automated spear phishing, where an attacker tailors their lures to a specific individual or group.”

Then there is thread jacking, where an employee’s email account is hijacked and spreads malware by responding within existing conversation threads, making it more likely users will open the attachment or link. (HP PCs come standard with a suite of security features, including HP Sure Sense and HP Sure Click, which proactively prevent threats and ensure fast recovery through software applications if an attack does happen.) And the list goes on, including denial- of-service attacks and—the scariest—ransomware, with serious consequences for employers.

“So it’s no surprise to hear that 54% of ITDMs have seen evidence of a higher number of phishing-related attacks in the last year, which could lead to exposed company data, reputational damage, noncompliance, and loss of customer trust,” says Pratt.

Ultimately, HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services.

Standing at the front lines

Watching the latest installation of HP Wolf Security’s short-film series and the sneaky ways criminals worm their way into enterprise networks, you might get nervous. In the film, actor Christian Slater returns as the Wolf. His hawkish hacker character sips coffee in a cozy bathrobe while showing us how easy it is for him to infiltrate an entire network simply by sending an innocuous-seeming email to a kid playing games on his mom’s work computer. Mom scans a document on her home printer and sends it to her team, and the embedded malware spreads as fast as a living virus.

“Cyberattackers are launching springboard attacks that target kids and their gaming systems with offers of online games and free movies,” says Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs, the threat intelligence and research organization at Fortinet. All it may take is a free game offered through an in-app email, “and once they’re in, with a few lateral moves, the attacker can be on a corporate network,” he says. In fact, FortiGuard Labs saw an average of about 600 new phishing campaigns per day during spring 2020.

This doesn’t mean that all is lost for organizations, especially those that are starting to make active investments to address remote-work security. Advanced AI to evaluate incoming threats and real-time data delivered through HP Wolf Security help remote workers and IT experts stay ahead of modern security threats hitting hard and relentlessly on endpoints such as that work laptop that’s occasionally used by Junior.

Built across 20 years of security and research innovation, HP Wolf Security unifies all of HP’s endpoint security innovations to deliver comprehensive cyber-resiliency under one umbrella, helping consumers, businesses, and IT and security teams navigate ever-growing cyber risks—even ones that come through an innocent game on Roblox.

Keeping employers and data safe

While the nightmare scenario is of a takeover of the enterprise, remote workers can elevate their security measures to prevent such devastating attacks. Aaron Barr, chief technology officer for PiiQ Media, a social media threat intelligence and risk analytics company, offers a few easy starting points. First, he suggests using a variety of email addresses.

“We recommend you have three or four, and segment them by how you use them: personal, financial, social media/digital services, spam,” Barr explains. “That way, when you get a work- related email that comes to the email you use for Instagram or gaming, you know that it didn’t come in through the right account.”

Second, Barr says, is to extend and vary those pesky passwords. “The longer your password, the harder it is to crack,” he says. “Most people use the same email address and password for the $5 Target discount spam as they do to log in to their bank, and that is horrible.” A password manager can help keep those hundreds of passwords in order, while settings on your PC or web browser can alert you to compromised passwords that are exposed, say, through a security breach of a social network.

Many companies provide a virtual private network (VPN) so remote workers can securely connect to company networks to send and receive files, data, and applications from anywhere. Segmenting out your home network so that one sub-network is used only for work and another for “life admin” can also alleviate some work-from-home security stress. Even having separate user logins on the same PC can help build a wall between work and life.

HP’s Pratt believes that recalibrating the need for security against the desires of the worker requires employers to adopt a completely different model of endpoint and work-from-home security—all built on the concept of “zero trust,” a set of engineering best practices devised to secure critical systems.

“Access to work resources should be assessed based on context, such as the user, the device, the geolocation, and the security posture,” says Pratt. Multifactor authentication is one important ingredient of zero trust, he adds.

Detection is just the beginning

The best mitigation is not to put all the responsibility on the remote worker, but to ensure organizations can provide users with enhanced protection, privacy, and threat intelligence.

“The technology of the near future should be secure by design and intelligent enough to not simply detect threats, but to contain and mitigate their impact, as well as to recover quickly in the event of a breach,” Pratt says. The technology of the future, in other words, sniffs out attacks before hackers get anywhere close to bringing a company down. As Christian Slater’s Wolf mischievously warns, “A guy like me, given the keys to the kingdom, what’s the worst that could happen?”

Learn more about HP Wolf Security here.

‍

###

‍Social Media Threat Intelligence Tool Rapidly Delivers Powerful Analytics in Context

‍

CAMBRIDGE, Mass. – April 28, 2021– PiiQ Media, the social media threat intelligence and risk analytics company, announced today the launch of PQ-INTEL, a threat intelligence tool built by analysts and focused on delivering powerful analytics without sacrificing ease of use, all on a single pane of glass. The PQ-INTEL platform brings the company full circle in providing a comprehensive suite of intelligence and risk management products that have value for every layer of the organization.

Click to Tweet: @piiqmedia’s New PQ-Intel Solution Provides Actionable Insights to Reduce #CorporateRisk: https://www.piiqmedia.com/intel #socialmediarisk

PQ-INTEL aggregates social media information across conversations and profiles of interest to gather individual, audience, and conversation insights that have a direct effect on an organization’s reputation or business risk. PQ-INTEL provides more data sources, harnessed within a powerful visualization and analytics framework that deliver unparalleled insights from social media information, in a shorter timeframe.

PQ-INTEL provides context to social media conversations, audiences, influencers and persons of interest that can positively or negatively affect business and brand reputation as well as increase organizational risk. Highlights of the solution include:

• The breadth of data sources ensures a more comprehensive and richer picture of social media conversations and activities, which in turn provides customers with a more accurate picture of reputation and risk.  PiiQ Media has the ability to add new platforms for collection and analysis as customer requirements or the environment grows.
• A fully interactive, single pane of glass with hundreds of combinations of data views and data correlation actions, PQ-INTEL provides analysts the flexibility and freedom to analyze and interrogate the data how they want, and in a manner that best meets their specific mission requirements. 
• The ability to look at social media audiences and their attributes as a key analysis component provides more relevance and context to conversations and persons of interest. The tool can also group persons of interest and conversations to compare and contrast activity, artifacts and relationships. If an organization cannot analyze audiences or conduct comparative analytics over time with like elements, actionable insight is not attainable.
  

Aaron Barr, chief technology officer, PiiQ Media, said: “The breadth of open-source data available lead analysts to spend hours chasing data ghosts down digital rabbit holes. Using our PQ-INTEL platform and a developed process of analysis of topical and location data, we have developed the shortest path to finding value from social media information. Our audience, life pattern and comparative analytics provide necessary background to the data. We offer context for the metrics that matter to an organization’s risk profile.”

‍

About PiiQ 

PiiQ is a social media threat intelligence and risk analytics company. Focused on delivering actionable personal and corporate intelligence and risk assessments using open-source information to stop socially engineered cybersecurity attacks, its SaaS-based platform safeguards enterprise and government organizations from employee, corporate and third-party risk. PiiQ addresses the human element of security with the most advanced threat intelligence analytics and automated risk scoring for individuals and organizations. With the only true spear phishing simulation platform on the market, PiiQ helps customers train, test and educate their workforce on information exposure risks and how to improve their security. Website: www.piiqmedia.com 

‍

###

Holistic view across the open web, social media and the dark web provides enterprises with deeper insight into corporate risk

CAMBRIDGE, Mass. – March 25, 2021 – PiiQ Media, the social media threat intelligence and risk analytics company, announced today the launch of Risk HQ. Risk HQ takes a more comprehensive and continuous view of corporate cyber risk that spans multiple channels, including social media and the dark web, setting it apart from other solutions on the market. It is the only cyber risk solution that provides individual employee assessments and monitoring, giving enterprises deeper insight into corporate risk posture. 

Click to Tweet: New Risk HQ Solution from @piiqmedia Includes Employees in Cyber Risk Assessment: https://www.piiqmedia.com/products/pq-risk-hq #socialmediarisk #threatintelligence

PiiQ’s Risk HQ solution evaluates digital security and risk with an added layer of human attack surface insights at scale through extensive examination of corporate risk posture. Many of the available corporate risk assessment technologies today focus solely on an enterprise’s own cyber or information system’s attack, including which systems and software owned by the organization are publicly accessible and how might they be exploited to gain access to internal information. This is an important aspect of corporate cyber risk, but it misses many key components. 

The FBI’s 2020 Internet Crime Report found that social engineering-based business email compromise (BEC) attacks continue to do the most financial damage to corporations, accounting for $1.8 billion in total estimated losses. Other types of attacks may use existing employee personally identifiable information (PII) that was compromised as part of a previous data breach. Bad actors can also take advantage of increased negative sentiment or conversations regarding the company and/or brands across news, social and open/deep/dark web platforms and sites. All of this information should be monitored and assessed for potential increases in threats and risk to the organization.

More comprehensive monitoring and risk assessment gives an organization more information to make critical decisions regarding exposures and risks. The solution offers:

• Broader assessment of risk for an organization or third party, providing a more complete view of threats, exposures and risks.
• Continued monitoring, comparison, alerting and reporting on risks. A snapshot in time of vulnerabilities and risks doesn’t give the organization an indication of increased or decreased threats and risk. Seeing the threat levels and risk exposure provides information an organization needs to make effective decisions.
• Prioritization of employee monitoring. Since employees are the primary means by which an organization is compromised, it makes sense to prioritize monitoring of employees above monitoring of systems. Risk HQ takes employee monitoring and assessment into account to provide a fuller picture. 

Aaron Barr, chief technology officer, PiiQ Media, said: “The cyber risk landscape continues to expand, yet current solutions neglect the primary source of attacker success: employees. Risk HQ takes a more comprehensive approach to monitoring for corporate risks. It’s the only commercially available solution that takes into account conversations in news, social media, the open and dark web, employee exposures and compromised data, fake pages and profiles. This provides a more complete picture so customers can better protect their data.”

‍

About PiiQ 

PiiQ is a social media threat intelligence and risk analytics company. Focused on delivering actionable personal and corporate intelligence and risk assessments using open-source information to stop socially engineered cybersecurity attacks, its SaaS-based platform safeguards enterprise and government organizations from employee, corporate and third-party risk. PiiQ addresses the human element of security with the most advanced threat intelligence analytics and automated risk scoring for individuals and organizations. With the only true spear phishing simulation platform on the market, PiiQ helps customers train, test and educate their workforce on information exposure risks and how to improve their security. Website: www.piiqmedia.com 

‍

###

SaaS-based platform addresses the human element of security with advanced threat intelligence analytics and automated risk scoring for individuals and organizations

CAMBRIDGE, Mass. – Feb. 24, 2021 – The scope and severity of cyberattacks continues to intensify due to a combination of attack surface expansion, insufficient security awareness and enterprises’ lack of insight into threat intelligence. Highly targeted spear phishing campaigns are increasing, leveraging publicly available social media information to create personalized and believable attacks to compromise employees’ and organizations’ most sensitive data with greater success. 

To address the need for deeper insight and assessment of the risks stemming from social media and other online activity, PiiQ Media is launching PQ-SPEAR. This industry-first solution educates trainees on their personally exposed information through spear phishing simulations, using proactive state of the art technology to prevent future breaches.

Click to Tweet: @piiqmedia Launches PQ-SPEAR to Stop Socially Engineered #Cybersecurity Attacks: https://www.piiqmedia.com/ #spearphishing

Most social media risk assessment technologies fail to provide companies with fully contextualized reports that identify exposure points for attacks based on public information on employees and executives. This additional context is key: spear phishing-based attacks are a significant threat to organizations, relying on personal identifiable information (PII) to exploit the human layer and infiltrate companies.  

PiiQ brings actionable, personal and corporate intelligence and risk assessments using open-source information to stop socially engineered cybersecurity attacks for large enterprises, government agencies and highly regulated industries. The PiiQ SaaS-based platform safeguards customers from employee, corporate and third-party risk. PiiQ addresses the human element of security with advanced threat intelligence analytics and automated risk scoring for individuals and organizations.  

Using PQ-SPEAR, organizations can educate employees on what information they have that’s publicly available and can be used against them. PQ-SPEAR helps companies improve their security posture by: 

• Creating individual PII exposure reports that identify what PII is exposed across their social media profiles and educates them on how to secure the information they would like to keep private.
• Conducting individually contextualized spear phishing simulations that show how a person’s information can and will be used against them. This demonstrates how a spear phishing email can look like it comes from a friend, a colleague or a trusted organization.  
• Educating organizations about the risks and the need to provide more effective policies and guidance on personal, digital hygiene and security. Only when companies embrace the integration of personal security with corporate security postures will their security improve.
  

Aaron Barr, chief technology officer, PiiQ Media, said: “Spear phishing campaigns can now automate the use of public information, much of it coming from social media platforms, making it crucial to track for this kind of exposure among employees when measuring risk. Many of the available social media risk assessment technologies today fail to provide companies with proper reports that highlight exposure points for attacks based on public information on employees and executives. There is no other product like PiiQ SPEAR in the market with capabilities that show and educate trainees on their personally exposed information, or how that information can be crafted into a highly targeted spear phishing attack.”  

About PiiQ 

PiiQ Media is a social media threat intelligence and risk analytics company. Focused on delivering actionable personal and corporate intelligence and risk assessments using open-source information to stop socially engineered cybersecurity attacks, its SaaS-based platform safeguards enterprise and government organizations from employee, corporate and third-party risk. PiiQ addresses the human element of security with the most advanced threat intelligence analytics and automated risk scoring for individuals and organizations. With the only true spear phishing simulation platform on the market, PiiQ helps customers train, test and educate their workforce on information exposure risks and how to improve their security. Website: www.piiqmedia.com 

‍

###