Balancing risk vs. reward: online brand protection in an era of tight purse strings

Financial pressures are increasing for many businesses.

Already squeezed from the ongoing costs associated with Covid and Brexit, businesses are now facing soaring inflation, increasing fuel prices and a tight labour market. This outlook for businesses is increasingly gloomy as fears of a recession take hold.

With rising overheads and the potential of reduced income, financial struggles are already  a reality for many. Valuations are dropping and even the big tech giants – such as Shopify and SAP – have had to lay off staff and freeze hiring in bids to withstand these new market conditions. With financial resources under pressure, businesses should look to other areas to make cost savings as their strategy shifts into survival mode.

As businesses consolidate their finances, there is a risk that web domains and effective domain portfolio management could be deprioritised. This would be a mistake. Yet brands do. The knock on effects of poor web domain management can damage a brand’s reputation through loss or compromise of online presence, leading to far more costly issues in the long-term.

Everything hinges on a business’ online presence

Web domains are one of an organisation’s most valuable assets. They are the representation of a brand’s online presence and all operations from emails to the business website rely on their integrity and security. However, businesses often underestimate how integral domains are to the running of all operations, and sadly do not realise the importance of protecting them before it is too late.

No business is exempt from a domain-related cyber-attack. Domain squatters who register and sit on a top level domain (TLD) with bad faith are ready to profit from a trademark belonging to someone else. If domains lapse or are exploited by these squatters or scammers, a business could be in serious trouble without the right protections and controls in place. More often than not, businesses find themselves scrambling to pay off a ransom to quickly resolve the problem – something which will end up being a significantly larger financial hit than if domains were properly managed in the first place.

It is never a one and done deal when it comes to a domain-related cyber incident. Businesses will face even higher costs in the long run as the interruption of services and online traffic could result in the potential loss of customers as a lack of trust ensues. There is also the potential for reputational damage, leading to longer term revenue losses.

Now more than ever domain vigilance is key

Domain related scams continue to be on the rise – statistics from APWG show that phishing reached an all-time high in July 2021, with over a quarter of a million attacks in a single month. And this continues to grow.

With rising inflation and energy costs contributing to the cost of living crisis in the UK, these are the times when cybercriminals use tactics to make a quick buck. Alongside this, when customers are also feeling the pinch, they are even more likely to fall prey to these criminals, chasing deals that often end up being too good to be true.

Now more than ever, having a strong cybersecurity strategy and being vigilant about company domains is key. Protecting your domain name portfolio is a necessary cost that shouldn’t be cut, no matter the financial struggles the business is facing.

The toll that domain related scams can take

A DDoS attack is a distributed denial of service in which cyber criminals use a flooding tactic which overwhelms the server and takes operations offline. Twitter infamously experienced this type of attack back in 2016. The outages were the result of several DDoS attacks on the DNS provider, Dyn, and affected 10s of millions of IP addresses. For 2 hours users trying to access Twitter were met with an error message. Users were left frustrated, Twitter’s revenue was impacted and the business’ security reputation was damaged.

This type of scam affecting customers is likely to fall back on the brand itself as customers impacted by interrupted services will be coming to the brand to rectify issues. The brand will ultimately be the one left to pick up the pieces, with customers expecting them to take responsibility should the scam be successful.

This leaves companies to deal with a huge level of complaints on top of scrambling to reverse the impact of the attack. This will take its toll on businesses as they are forced to channel resources towards dealing with complaints and dissatisfaction.

The DDoS attack on GitHub in 2018, an online code management site used by millions of developers, proved to be a very different story. In the same way, servers were overwhelmed with spoofed requests, taking services offline. However, GitHub was using a domain protection service which automatically detected the attack. The alert triggered a process of migration which stopped the attack quickly – in the end, the outage only last 12 minutes.

Cost-effectively protecting your brand

A business’ domain portfolio can be huge, spanning multiple jurisdictions each with their own rules and regulations. In an ideal world, brands should protect every domain, however, for many businesses this simply isn’t financially possible. This leaves businesses wondering where to start and which domains to register. That is why when it comes to managing domain portfolios in tighter financial times, it is about creating a strategy that balances risk against reward.

A good place to start is to consider rightsizing the domain portfolio. To afford the most cost-effective protection, business need to audit their domain name portfolio to identify which provide the maximum value to an organisation, and therefore should be protected accordingly.

Businesses can do this by appointing a domain portfolio manager, who can advise on the domains that should be protected and those that would provide minimal value and pose a minimal threat. Businesses can then take a calculated decision over which domains deliver business value.

Final Words

Having a coherent and secure web domain strategy is key to businesses withstanding domain related attacks. Those that take this seriously will strengthen their brand credentials and improve their customer relationships. A cost effective way for brands to ensure they are protecting themselves online starts with arming the business with relevant knowledge, whilst rightsizing allows domains to be prioritised and protected relative to their threat level.

Despite these times of financial stress, now is not the time to start cutting corners by sacrificing this crucial protection in a bid to save on overheads. Cutting these crucial corners may allow some financial wiggle room short term, however, lost brand reputation in the event of a domain-related cyber incident is not something you can buy back.

About the Author

Tim Brown is Head of Brand Protection at Com Laude. Com Laude provides domain name portfolio management services and online brand protection for brand owners. We are trusted by business and legal professionals who value the strategic advice and focus on security and cost-effective solutions we provide. We treat domains as valuable internet assets to be nurtured throughout their lifecycle from registration to renewal.

Featured image: ©Kittiphat