By nature of its name and reputation, the so-called "dark web" has acquired a unique reputation. Danny Rogers of Terbium Labs discusses some of the key myths and realities about the dark web, as well as how organizations should monitor it.
"There certainly are a lot of pervasive myths about the dark web," says Rogers, CEO and co-founder of Terbium Labs. "I've heard everything from '23 people control the whole dark web,' which is kind of absurd, all the way to 'the dark web is many times larger than the rest of the legitimate internet,' which is also not true."
What is true is that the dark web is large, growing, and it's a well-traveled marketplace for data exfiltrated from breached organizations. And this is where organizations need to pay attention to the dark web, Rogers says.
"Monitoring the dark web is actually a key element of knowing what your security posture currently is, and knowing if you have a problem you probably didn't know about," he says. "Whatever sort of information you have on your network, if you're [breached], the odds are very strongly that some indicator of compromise will end up on the dark web."
In an interview about demystifying the dark web, Rogers discusses:
Key myths and realities of the dark web; How organizations should monitor the dark web; What to do with information that is found.Rogers is the co-founder and CEO of Terbium Labs, an information security and data intelligence startup based in Baltimore, Maryland. He is a computational physicist with experience supporting defense and intelligence community cyber operations, as well as startup experience in the defense, energy, and biotechnology sectors. He is an author and expert in the field of quantum cryptography and has published numerous patents and papers on that and other subjects. Prior to co-founding Terbium Labs, he managed a portfolio of physics and sensor research projects at the Johns Hopkins University Applied Physics Laboratory.