© cyveillance, inc. 2014 cyveillance confidential

© Cyveillance, Inc. 2014 Cyveillance Confidential2

Cyveillance has scoured the Web since 1997. Our mission is to identify online risks to our clients’ people, intellectual property, revenues and reputation.

Who We Are


The Problem

These threats evolve on an ever-expanding attack surface of new sources, amid changing business and regulatory requirements.

IP


Threat Actors

• Individuals trying to make money by selling exams or exam-related content (illicit prep programs, enterprising “entrepreneurs” etc.)

• Organized groups or individuals attempting to cheat on the exam for malicious reasons

• Organized groups or individuals attempting to help each other pass the exam as perceived duty

• Inadvertent disclosures by overly chatty test takers (especially in social media)

4

Who are the Pirates of Certification?


Is your ship safe?

• Organizations who administer certifications and exams using online testing environments

• Organizations who test in many geographic locations (especially in multiple time zones)

• Organizations who must accommodate a wide range of cultural groups (assisting your neighbors is not always perceived as cheating)

• Organizations who administer to heavy social media users (especially teens and young adults)

• Organizations who administer high stakes/high profile/barrier to entry exams

5

Organizations invest heavily in test development, who needs to worry about being compromised?


How do you right the ship?

• Organizations where exam administration is their core competency and top revenue generator

• Organizations who currently test outside of the US or plan on extending their reach overseas

• Organizations that administer CBT’s or are looking to move to a CBT platform

• Organizations that re-use item banks

6

Who is taking advantage of online monitoring services?


The Technology for Catching Pirates

Our platform combines collection, scoring and workflow tools to isolate relevant findings cost-effectively from a wide range of sources.

ON A TYPICAL DAY FOR A LARGE CLIENT

In The Wild: We screen billions of pages, posts and updates for client- and threat-related activity

Initial Collection: The customer’s brand, CEO, addresses, and other Client Indicators bring in 10-30K new items

Scoring: Threat lexicons, known bad actors & language algorithms pre-screen the raw take, reduce candidate findings by 90-95%

Vetting & Validation: Analysts review candidate findings for true relevance

20K(Ingested)

-18K(Cleared by Scoring)

2K(Human Review)

1 Alert

© Cyveillance, Inc. 2014 Cyveillance Confidential8

Our systems distill the data, so our analysts spend time analyzing, not searching for, useful findings.

• Cyveillance technology is language agnostic to better address global threats

• Analyst backgrounds are primarily in business, law and intelligence analysis

• Fluency in nearly 20 languages

Technology + People


The Landscape

• Social Media – Especially Twitter and Facebook. As new environments pop up they are often used as well. Over the past two years incident volume on Vine and Instagram saw spikes in volume

• Message Boards – Particularly boards dedicated to the subject matter for the exam being administered

• Document Sharing Sites – Sites like Scribd and Docstoc that allow users to post content for easy distribution. Some of these sites offer incentives for users to post content

• Prep Programs and Exam Prep Material Sites – Prep sites that offer score increase or “Pass or your money back” guarantees

• The “Dark” Web – The web doesn’t stop at Google…

9

Where do we find these pirates?


What Does Monitoring Allow You to See?

10

Suspicious Prep Courses offering guarantees.



11

Exam Prep Material that may contain actual exam content, including potentially rogue mobile applications.



12

Official test prep material put out by your organization that may not be eligible for third party distribution (Copyright Infringements).



13

In some instances you may even find actual live test content or images taken during admins.


Can I handle the load?

• Frequency of exam administrations• Geographic reach of the exam• Popularity of the exam• Age and reach of your audience

14

Incident volume is dependent upon multiple factors.


What else can be done?

• Educate test takers on the importance of the integrity of the exam• Work closely with third party test administrators (Pearson Vue, ETS,

Prometric etc.) to ensure that proper security protocols are being met and followed

• Prepare for breaches…they will happen• Ensure that your exam security departments work closely with your

psychometricians and test content developers so you can identify compromised content efficiently

15

Augment monitoring with other deterrents.


Richard Whitman [email protected] (Main Office)

www.cyveillance.com

https://blog.cyveillance.com/http://www.linkedin.com/company/cyveillance

https://twitter.com/Cyveillancehttp://www.brighttalk.com/channel/9865

Q&A, Contact Information

mailto:[email protected]

© cyveillance, inc. 2014 cyveillance confidential

Documents

cyveillance confidential

cyveillance technology

cheating organizations

alert slide

ip slide

cbt platform organizations

young adults organizations

reach overseas organizations