> ## Documentation Index
> Fetch the complete documentation index at: https://chainpatrol.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Who Should Be Involved in Brand Protection

> Key stakeholders and team members essential for effective brand protection

Effective brand protection requires collaboration across your organization. This guide identifies the key stakeholders who should be involved and explains their unique contributions to your security program.

## Key Stakeholders

### Knowledge Owners

These team members have the most profound understanding of your brand, its legitimate presence, and authorized activities.

<AccordionGroup>
  <Accordion title="Founders and C-Suite Executives" icon="user-tie">
    **Why they're critical:** Founders and executives have the complete picture of your company's strategic direction, partnerships, and official communications.

    **What they contribute:**

    * Know all official company accounts across platforms
    * Understand authorized partnerships and affiliate relationships
    * Can quickly identify unauthorized use of company branding
    * Make final decisions on brand protection policies and budgets
    * Approve official responses to brand impersonation incidents

    **When to involve them:**

    <CardGroup cols={2}>
      <Card title="Program Setup" icon="rocket">
        Initial brand protection program setup
      </Card>

      <Card title="High-Severity Incidents" icon="triangle-exclamation">
        Incidents affecting company reputation
      </Card>

      <Card title="Strategic Decisions" icon="chart-line">
        Brand protection investments and policies
      </Card>

      <Card title="Executive Impersonation" icon="user-shield">
        CEO fraud or executive social media impersonation
      </Card>
    </CardGroup>
  </Accordion>

  <Accordion title="Marketing Teams" icon="bullhorn">
    **Why they're critical:** Marketing teams create and manage most of your brand's public-facing presence.

    **What they contribute:**

    * Maintain comprehensive lists of all official social media accounts
    * Know current and past marketing campaigns that scammers might impersonate
    * Understand your brand's visual identity, messaging, and voice
    * Track influencers, ambassadors, and partners authorized to represent your brand
    * Identify subtle brand guideline violations that others might miss

    **When to involve them:**

    <Steps>
      <Step title="Brand Monitoring Setup">
        Setting up brand monitoring configurations
      </Step>

      <Step title="Threat Review">
        Reviewing potential impersonation threats
      </Step>

      <Step title="Content Legitimacy">
        Determining if promotional content is legitimate
      </Step>

      <Step title="Response Templates">
        Creating response templates for brand abuse cases
      </Step>

      <Step title="Training">
        Training other teams on brand guidelines
      </Step>
    </Steps>
  </Accordion>

  <Accordion title="Security Teams" icon="shield-halved">
    **Why they're critical:** Security teams bring technical expertise and incident response capabilities.

    **What they contribute:**

    * Understand phishing tactics and social engineering techniques
    * Can assess technical sophistication of threats
    * Know your organization's security tools and infrastructure
    * Have established incident response procedures
    * Connect brand protection to broader security strategy

    **When to involve them:**

    * Initial system setup and security configuration
    * Evaluating high-risk threats
    * Incidents involving credential theft or data breaches
    * Integration with existing security tools and workflows
    * Security awareness training programs
  </Accordion>

  <Accordion title="Development Teams" icon="code">
    **Why they're critical:** Developers understand your technical infrastructure and can help identify technical impersonation.

    **What they contribute:**

    * Know all legitimate domains, subdomains, and APIs
    * Understand your application's technical fingerprint
    * Can identify fake apps, cloned websites, and API abuse
    * Implement technical integrations with brand protection tools
    * Develop custom detection rules or automation

    **When to involve them:**

    <CardGroup cols={2}>
      <Card title="Asset Identification" icon="link">
        Identifying all legitimate technical assets
      </Card>

      <Card title="API Integration" icon="plug">
        Setting up API integrations and webhooks
      </Card>

      <Card title="Custom Rules" icon="code">
        Creating custom detection rules for technical threats
      </Card>

      <Card title="Technical Threats" icon="bug">
        Reviewing threats targeting developer communities
      </Card>
    </CardGroup>
  </Accordion>
</AccordionGroup>

## Threat Reporters

These team members are your eyes and ears, often the first to spot brand abuse in the wild.

<Tabs>
  <Tab title="Community Members" icon="users">
    **Why they're critical:** Your community often encounters scams before your internal teams do.

    **What they contribute:**

    * First-hand experience with phishing attempts targeting your users
    * Real-time visibility into social media impersonation
    * Ground-level perspective on what threats actually affect users
    * Authentic feedback on potential false positives

    **How to enable them:**

    <Steps>
      <Step title="Easy Reporting">
        Provide easy reporting mechanisms (dedicated email, web form, Discord channel)
      </Step>

      <Step title="Clear Guidelines">
        Create clear guidelines for what to report
      </Step>

      <Step title="Acknowledge Reports">
        Acknowledge and thank community reporters
      </Step>

      <Step title="Share Updates">
        Share general updates about brand protection efforts (without sensitive details)
      </Step>

      <Step title="Reward Program">
        Consider a bug bounty or reward program for security reports
      </Step>
    </Steps>
  </Tab>

  <Tab title="Brand Ambassadors" icon="star">
    **Why they're critical:** Ambassadors have large followings and are frequent impersonation targets.

    **What they contribute:**

    * Report impersonation of their own accounts that reference your brand
    * Identify scams targeting your community through their channels
    * Help educate their followers about legitimate brand communications
    * Amplify official security warnings

    **How to enable them:**

    <CardGroup cols={2}>
      <Card title="Scam Pattern Training" icon="graduation-cap">
        Brief them on common scam patterns targeting your community
      </Card>

      <Card title="Direct Contact" icon="phone">
        Give them a direct contact for urgent reports
      </Card>

      <Card title="Official Statements" icon="file-lines">
        Provide them with official statements they can share
      </Card>

      <Card title="Monitor Impersonation" icon="eye">
        Monitor for impersonation of their accounts related to your brand
      </Card>
    </CardGroup>
  </Tab>

  <Tab title="SOC Analysts" icon="desktop">
    **Why they're critical:** If you have a Security Operations Center (SOC), analysts monitor threats 24/7.

    **What they contribute:**

    * Continuous monitoring of security alerts and threat feeds
    * Triage and prioritize brand protection alerts
    * First-line analysis of potential threats
    * Escalate high-priority incidents to appropriate teams
    * Document and track incident patterns

    **How to enable them:**

    * Integrate ChainPatrol alerts into existing SOC tools (SIEM, ticketing systems)
    * Provide clear escalation procedures and runbooks
    * Define severity levels and response SLAs
    * Give access to brand protection dashboards
    * Include brand protection metrics in SOC reporting
  </Tab>

  <Tab title="Customer Support" icon="headset">
    **Why they're critical:** Support teams interact directly with customers who may have fallen victim to scams.

    **What they contribute:**

    * Receive direct reports from users who encountered scams
    * Identify patterns in customer complaints about suspicious communications
    * Gather detailed information about scam tactics from victims
    * Provide immediate assistance to affected customers
    * Reduce impact by quickly identifying and escalating threats

    **How to enable them:**

    <AccordionGroup>
      <Accordion title="Training" icon="graduation-cap">
        Train them to recognize and document phishing reports
      </Accordion>

      <Accordion title="Response Templates" icon="file-lines">
        Create templates for customer responses about security incidents
      </Accordion>

      <Accordion title="Escalation Process" icon="arrow-up">
        Give them a clear process to escalate brand abuse reports
      </Accordion>

      <Accordion title="Post-Incident Reviews" icon="magnifying-glass">
        Include them in post-incident reviews to improve response
      </Accordion>

      <Accordion title="Threat Updates" icon="bell">
        Provide regular updates on active threats to watch for
      </Accordion>
    </AccordionGroup>
  </Tab>

  <Tab title="Communications & PR" icon="newspaper">
    **Why they're critical:** Comms teams manage public messaging during and after security incidents.

    **What they contribute:**

    * Craft official statements about brand impersonation incidents
    * Coordinate public warnings about active scams
    * Monitor social media and news for brand mentions related to scams
    * Manage reputation during high-profile incidents
    * Interface with media during major security events

    **When to involve them:**

    * Widespread scams affecting many users
    * Incidents gaining media attention
    * Coordinated takedown efforts that should be publicized
    * Creating proactive security awareness campaigns
    * Responding to public questions about brand security
  </Tab>
</Tabs>

## Technical Implementation

These team members handle the integration and technical setup of brand protection tools.

<CardGroup cols={3}>
  <Card title="IT Teams" icon="server">
    Handle infrastructure and access
  </Card>

  <Card title="Engineering Teams" icon="code">
    Build custom integrations
  </Card>

  <Card title="Support Operations" icon="gears">
    Manage support tool workflows
  </Card>
</CardGroup>

<AccordionGroup>
  <Accordion title="IT Teams" icon="server">
    **Why they're critical:** IT teams manage your organization's technology infrastructure and access controls.

    **What they contribute:**

    * Provision access to brand protection tools for appropriate staff
    * Integrate tools with existing IT infrastructure
    * Manage SSO and authentication for security platforms
    * Ensure compliance with IT security policies
    * Handle technical troubleshooting and vendor coordination

    **When to involve them:**

    <Tabs>
      <Tab title="Setup" icon="rocket">
        * Initial tool procurement and setup
        * User access management and permissions
        * SSO configuration and integration
      </Tab>

      <Tab title="Operations" icon="gears">
        * Network and firewall configuration for tool access
        * Regular access reviews and audits
        * Technical troubleshooting
      </Tab>
    </Tabs>
  </Accordion>

  <Accordion title="Engineering Teams" icon="code">
    **Why they're critical:** Engineers can build custom integrations and automation.

    **What they contribute:**

    * Develop custom integrations using brand protection APIs
    * Build internal dashboards combining multiple data sources
    * Create automated workflows for threat response
    * Develop custom detection logic for your specific use case
    * Implement webhook handlers for real-time alerts

    **When to involve them:**

    <CardGroup cols={2}>
      <Card title="Custom Integrations" icon="plug">
        Building integrations with internal tools
      </Card>

      <Card title="Automation" icon="robot">
        Automating repetitive brand protection tasks
      </Card>

      <Card title="Custom Reporting" icon="chart-bar">
        Creating custom reporting or dashboards
      </Card>

      <Card title="Detection Rules" icon="filter">
        Developing organization-specific detection rules
      </Card>
    </CardGroup>
  </Accordion>

  <Accordion title="Customer Support Operations/Engineering" icon="gears">
    **Why they're critical:** Support operations teams manage support tools and workflows.

    **What they contribute:**

    * Integrate brand protection alerts into support ticketing systems
    * Configure routing rules for security-related support tickets
    * Build custom views and reports for support teams
    * Train support staff on new tools and processes
    * Optimize support workflows for efficiency

    **When to involve them:**

    * Integrating with support platforms (Zendesk, Intercom, etc.)
    * Creating macros and templates for common responses
    * Setting up automated ticket routing and tagging
    * Building support team dashboards
    * Training support staff on technical tools
  </Accordion>
</AccordionGroup>

## Building Your Brand Protection Team

<Info>
  You don't need all of these roles to get started. Start with the knowledge owners and threat reporters, then expand to technical implementation as your program matures.
</Info>

### Minimum Viable Team

For most organizations, start with:

<Steps>
  <Step title="Executive Sponsor">
    One C-suite or senior leader to champion the program
  </Step>

  <Step title="Marketing Representative">
    Someone who knows all official brand assets
  </Step>

  <Step title="Security Contact">
    A security team member to handle technical threats
  </Step>

  <Step title="Community Manager">
    Someone to coordinate community reporting
  </Step>
</Steps>

### Scaling Your Team

As your program grows, add:

<CardGroup cols={2}>
  <Card title="Dedicated Analyst" icon="user">
    Full-time role for threat monitoring and response
  </Card>

  <Card title="Engineering Support" icon="code">
    Developer time for custom integrations
  </Card>

  <Card title="Support Training" icon="graduation-cap">
    Train support team on security reporting
  </Card>

  <Card title="PR Coordination" icon="newspaper">
    Communications team for public incidents
  </Card>
</CardGroup>

***

<Card title="Need Help Building Your Team?" icon="users" href="https://cal.com/chainpatrol">
  Schedule a consultation to discuss the right team structure for your organization
</Card>
