© Cyveillance, Inc. 2014
Cyveillance Confidential
Who We Are
Cyveillance has scoured the Web since 1997. Our mission is to identify
online risks to our clients’ people, intellectual property, revenues and
reputation.
© Cyveillance, Inc. 2014
Cyveillance Confidential
2
The Problem
These threats evolve on an ever-expanding attack surface of new
sources, amid changing business and regulatory requirements.
IP
© Cyveillance, Inc. 2014
Cyveillance Confidential
Threat Actors
Who are the Pirates of Certification?
• Individuals trying to make money by selling exams or exam-related
content (illicit prep programs, enterprising “entrepreneurs” etc.)
• Organized groups or individuals attempting to cheat on the exam for
malicious reasons
• Organized groups or individuals attempting to help each other pass
the exam as perceived duty
• Inadvertent disclosures by overly chatty test takers (especially in
social media)
© Cyveillance, Inc. 2014
Cyveillance Confidential
4
Is your ship safe?
Organizations invest heavily in test development, who needs to worry
about being compromised?
• Organizations who administer certifications and exams using online
testing environments
• Organizations who test in many geographic locations (especially in
multiple time zones)
• Organizations who must accommodate a wide range of cultural
groups (assisting your neighbors is not always perceived as cheating)
• Organizations who administer to heavy social media users
(especially teens and young adults)
• Organizations who administer high stakes/high profile/barrier to
entry exams
© Cyveillance, Inc. 2014
Cyveillance Confidential
5
How do you right the ship?
Who is taking advantage of online monitoring services?
• Organizations where exam administration is their core competency
and top revenue generator
• Organizations who currently test outside of the US or plan on
extending their reach overseas
• Organizations that administer CBT’s or are looking to move to a CBT
platform
• Organizations that re-use item banks
© Cyveillance, Inc. 2014
Cyveillance Confidential
6
The Technology for Catching Pirates
Our platform combines collection, scoring and workflow tools to isolate
relevant findings cost-effectively from a wide range of sources.
ON A TYPICAL DAY FOR A LARGE CLIENT
In The Wild: We screen billions of pages, posts
and updates for client- and threat-related activity
20K
(Ingested)
-18K
(Cleared by Scoring)
2K
(Human Review)
1 Alert
© Cyveillance, Inc. 2014
Initial Collection: The customer’s brand, CEO,
addresses, and other Client Indicators bring in
10-30K new items
Scoring: Threat lexicons, known bad actors &
language algorithms pre-screen the raw take,
reduce candidate findings by 90-95%
Vetting & Validation: Analysts review candidate
findings for true relevance
Cyveillance Confidential
Technology + People
Our systems distill the data, so our analysts spend time analyzing, not
searching for, useful findings.
•
Cyveillance technology is language agnostic to better address global threats
•
Analyst backgrounds are primarily in business, law and intelligence analysis
•
Fluency in nearly 20 languages
© Cyveillance, Inc. 2014
Cyveillance Confidential
8
The Landscape
Where do we find these pirates?
• Social Media – Especially Twitter and Facebook. As new
environments pop up they are often used as well. Over the past two
years incident volume on Vine and Instagram saw spikes in volume
• Message Boards – Particularly boards dedicated to the subject matter
for the exam being administered
• Document Sharing Sites – Sites like Scribd and Docstoc that allow
users to post content for easy distribution. Some of these sites offer
incentives for users to post content
• Prep Programs and Exam Prep Material Sites – Prep sites that offer
score increase or “Pass or your money back” guarantees
• The “Dark” Web – The web doesn’t stop at Google…
© Cyveillance, Inc. 2014
Cyveillance Confidential
9
What Does Monitoring Allow You to See?
Suspicious Prep Courses offering guarantees.
© Cyveillance, Inc. 2014
Cyveillance Confidential
10
What Does Monitoring Allow You to See?
Exam Prep Material that may contain actual exam content, including
potentially rogue mobile applications.
© Cyveillance, Inc. 2014
Cyveillance Confidential
11
What Does Monitoring Allow You to See?
Official test prep material put out by your organization that may not be
eligible for third party distribution (Copyright Infringements).
© Cyveillance, Inc. 2014
Cyveillance Confidential
12
What Does Monitoring Allow You to See?
In some instances you may even find actual live test content or images
taken during admins.
© Cyveillance, Inc. 2014
Cyveillance Confidential
13
Can I handle the load?
Incident volume is dependent upon multiple factors.
•
•
•
•
Frequency of exam administrations
Geographic reach of the exam
Popularity of the exam
Age and reach of your audience
© Cyveillance, Inc. 2014
Cyveillance Confidential
14
What else can be done?
Augment monitoring with other deterrents.
• Educate test takers on the importance of the integrity of the exam
• Work closely with third party test administrators (Pearson Vue, ETS,
Prometric etc.) to ensure that proper security protocols are being
met and followed
• Prepare for breaches…they will happen
• Ensure that your exam security departments work closely with your
psychometricians and test content developers so you can identify
compromised content efficiently
© Cyveillance, Inc. 2014
Cyveillance Confidential
15
Q&A, Contact Information
Richard Whitman
rwhitman@cyveillance.com
703.351.1000 (Main Office)
www.cyveillance.com
https://blog.cyveillance.com/
http://www.linkedin.com/company/cyveillance
https://twitter.com/Cyveillance
http://www.brighttalk.com/channel/9865
© Cyveillance, Inc. 2014
Cyveillance Confidential