Attack wins the battle, but defence wins the war

There are two types of commercial entities in the world today. Those that know their intellectual property is being abused and those that don’t want to know. Technology has brought great opportunities for organisations to grow their global footprint cost-effectively and efficiently, but it has also increased the threat they face in the digital landscape.

Twenty years ago the greatest challenges businesses faced online were cyber and typo squatters. Today, they also have to deal with social media abuse, both in terms of passing off and reputational damage, fake mobile apps and online counterfeits, not to mention the constant threat posed by malicious attacks on critical infrastructure such as DNS and email.  The emergence of the role of the Chief Security Officer is a barometer to the challenges organisations face.

The term ‘brand protection’ has come to encompass all of the potential measures a business can deploy to mitigate the impact of online threats, whether they come in the form of intellectual property infringement and abuse, reputational damage or cyber-attacks. But at the very heart of any brand protection strategy is the need to protect the digital assets of a business – the domain names.

Without a robust domain name strategy, abuse and infringement are an open goal for the bad actors. They know they can maliciously act at will, profiting from the work of others with impunity and little fear of detection or sanction. For those brands that are unaware they may have an issue, it is normally a real wake-up call when they discover the activities that are damaging their revenues and reputation online.

Many moons ago there was a thought process that registering the most critical keywords to a business across all available TLDs was the best approach. Whilst that may protect against a high level of abuse, it was prohibitively expensive and did not take into consideration common spelling (typosquatting) or even the use of hyphens to break up keywords. And then came the expansion of the domain name space through ICANN’s new gTLD programme, which has seen over 500 new open generic TLDs launched.

The development of effective domain name monitoring solutions provided the first cost-effective brand protection solution for organisations. The ability to monitor, rather than register, keywords across most TLDs was a game-changer, although it still required some manual effort to determine whether potential infringing registrations were indeed a problem now or in the future with many false positives being flagged by the systems used.

But it was a starting point and as technology, such as artificial intelligence has been developed, monitoring solutions such as Com Laude’s Watch have meant that only the most relevant infringements are being flagged for action.  Actionable intelligence are the keywords in today’s brand protection world – highlighting those domain registrations that pose the most immediate threat to revenue and reputation where swift responses are required.

Infringing domain names can be registered at any time, in most TLD through any registrar anywhere in the world. So it is key that a monitoring solution can identify registered names across the full length and breadth of the domain universe but also be able to ensure only the most relevant infringing names are identified. Presenting a long list of domain names that may be abusive for an organisation to determine themselves is not a productive use of anyone’s time.

There is a multitude of factors that will determine the relevance and extent of infringing registrations. Some will be genuine – unlike domain names, identical trademarks can exist and will be used by different organisations – think Volkswagen Polo, Nestle’s Polo and Ralph Lauren Polo, which means taking action against what appears to be an infringement may cause more problems than it solves. But others will pose a risk such as whether there is an active website, how many domain names does the registrant have, is it being used for email (and thus potential phishing campaigns)?

The key to creating a successful online brand protection strategy is understanding what the main threats are to the brand and the battles that can be quickly won. Effective online brand protection is a collaborative process, both in terms of the internal resources and external experts such as Com Laude but as the starting point, domain name monitoring provides the strategic base from which to explore the attacking options, which we will discuss in the next blog.