Abusix is in the midst of conducting a State of Trust & Safety Report for 2018, and we’re beginning to see some interesting trends take shape. One stat in particular that drew some attention is that 73% of people believe their abuse managing process could use some improvement. Why is the figure so high?
Shortcomings in abuse handling processes abound within many organizations, and we’re glad people are being honest about them. Here’s a rundown of what’s getting in the way of companies having appropriate abuse management systems.
One of the most important determinants of whether abuse management is up to speed is, well, whether it’s up to speed. Many abuse handling platforms simply don’t have the swiftness to identify vulnerabilities, react, and counter attacks in real time. Insufficient response times greatly increase the chance of a small threat escalating into something that’s much less manageable (and potentially much more disruptive).
It’s also worth pointing out that attacks that are dealt with quickly often engender attackers to look elsewhere. It’s like that old joke about outrunning the bear where you don’t need to be faster than the bear; you just have to be faster than the guy you’re with. For that to work, your platform and response time actually has to be faster than the other guy’s.
Inability To Parse Information
Up-to-date abuse networks manage huge volumes of reports, classify them according to event type and risk level, and then sort them neatly. Subpar abuse networks don’t. Simple.
Most companies, unfortunately, fall into the latter category. Some even attempt to manually address the swaths of abuse reports that roll in every day of the week, even on weekends and holidays. How are you supposed to detect and neutralize high-priority threats in all of that? Which brings us to our next shortcoming...
We’ve already discussed speed, which is high on the priority list. There are two more factors at play that absolutely require priority:
- Sustainable Solutions
- Holistic Approaches
Handling abuse necessitates a sustainable solution for both the network and the customer. The end-goal is to only have to deal with any given problem once. This’ll save you a lot of hassle down the road when what’s done really is done. Additionally, abuse management systems must address problems at their core so as to minimize further support tickets, which not only waste your team’s time and resources, but also threaten the security of your network.
Taking a holistic approach to handling abuse by working towards a 100% abuse-free network is ambitious, but a goal worth setting. Collect as much data as possible, make abuse a top priority in your organization, automate as many processes as possible for full protection, be attentive to staying up-to-date on cyber security and the rest of the industry, and be vigilant in ensuring your processes improve over time.
Out Of Date Processes And Methodologies
Oh boy; we see this one a lot. A lot.
Old processes are better than nothing at all, (which is the situation many organizations find themselves in) but it’s not exactly an excuse to pat yourself on the back. We continually see companies who use incredibly inefficient abuse handling tools that cannot handle the incoming stream of alerts, reports, and attacks. Furthermore, these outdated processes act as a bottleneck on a company's scaling and growth. Yikes.
SEE ALSO: Are You Using Prehistoric Processes?
There are a lot of organizations out there whose Acceptable Use Policies are anything but. We’ve seen policies that attempt to detail every intricate facet of how customers are allowed to act on their network. We’ve seen policies that have great terms, but no feasible enforcement mechanism in place. We’ve seen policies that are inconsistent across different products and services, or whose provisions are inconsistent across users themselves.
No, no, and double no. Policies must be detailed, yet understandable, agreeable, and enforceable. They also must be consistent and well-defined. No funny business, okay?
Many organizations find themselves allocating precious time and resources on relatively unimportant things.
For example, people overwhelmingly cite “spam” as the biggest ISP threat, but volume of threats does not translate directly to significance, much less priority. Botnets, malware, and client vulnerabilities that serious damage your customers come first. That’s a good decision to make.
Another good decision is to think about the underlying problems that your reports and data are pointing you toward. If one particular client is under siege, for instance, it may make far more sense to devote attention to what’s going on with that client rather than sifting through the thousands of reports mindlessly.
Altogether, the industry needs better access to better data, which in turn encourages and is the driving force behind smarter decisions.
We Saw The Writing On The Wall, So We Made AbuseHQ
AbuseHQ addresses all 6 of these widespread shortcomings that the industry is experiencing. It does so by integrating into your existing infrastructure and providing you with a sophisticated, up-to-date system for managing all of your abuse problems. Not only does it reduce abuse and support tickets through smart automation processes, but it allows teams to spend less time on abuse issues and more time on dealing with significant threats.
Lastly, and most importantly, we need your help. Whether you’re simply a member of the industry or are a thought-leader/influencer within it, we’d love to have your input so we can paint the most accurate picture possible of what’s going on. As a thank you, we’ll give you a copy of the results before the 2018 Report is officially released.