EXECUTIVES

In the corporate realm, senior executives are primary targets of hackers, fraud and phishing scams due to their high level of access to valuable corporate information. Threat actors will also pursue a principal’s family and immediate associates as an entry point into a security breach. Locating the information necessary to target high profile individuals, their families, and staff have never been easier.

FAQ

Mobile security. Executives and high-ranking officials are often called upon for domestic and international business travel. Their extensive use of mobile platforms while on the road and during their commutes increases the odds of a mobile security threat. Like viruses and spyware that can infect computers, there are security threats specific to devices such as smartphones, tablets, and connected IoT devices. Mobile threats can be divided into four basic categories: application-based threats, web-based threats, network-based threats, and physical threats. Biggest mobile security threats: *Data leakage, *Social engineering, *Wi-fi interference, *Out-of-date devices, *Cryptojacking, *Poor password hygiene, *Physical device breaches
Increased Likelihood of Cyber Crimes against Businesses. No matter the size of the organization, one of the most prominent challenges executives face is the risk of their business becoming a cyber crime target. Common motives for attacking a principal are financial, revenge, or activist related. Now more than ever, executive digital protection has become a business necessity. And with cyber crimes against businesses on the rise, it’s only a matter of time before executives are face to face with a cybersecurity threat
Social media. An executive’s social media habits and preferences can be leveraged by a threat actor to gain access to their data, and in turn, damage their organization’s brand. When considering any form of executive digital protection, analyzing the social media usage of the executive and their family should be a key part of the conversation. Hackers can use public information on social media platforms such as LinkedIn, Instagram, Facebook, and other sites to build profiles of targets. This profile can be used to tailor a phishing attack or coerce the target. An attack on an executive can cause a significant amount of brand damage. And being able to protect them on the cyber front is very important.
Business Email Compromise Scams (BEC). When targeting high level executives, hackers might rely on a combination of attacks: whaling phishing attacks, executive impersonation, and business email compromise. Business email compromise (BEC) scams can combine spear phishing, email spoofing, social engineering, and occasionally malware. BEC scams are an increasing problem for businesses of all sizes, resulting in massive losses to organizations. What makes these messages more devious is that they can usually avoid the spam filter since they’re not a part of a mass-mailing campaign. BEC scams are more targeted in nature, and typically avoid the usual spam indicators that get flagged by most email servers.
Insider threats. What can executives do to protect themselves and their company against insider threats? To reduce the chances of a breach caused by current employees, former employees, contractors, or business associates, cybersecurity professionals recommend auditing, securing, and regularly patching software as the first step. Applications to secure: *Legacy systems, *Communication and collaboration apps, *Cloud storage and file sharing tools, *Finance and accounting tools, *Social media and intranets

Be much more vigilant and obtain better security/usability training to avoid falling prey to scams in the first place
Use enterprise-grade VPNs to avoid getting snooped on while traveling
Enterprises can adopt more fine-grained security postures (e.g., stricter access controls when traveling) and track the behavior of these high-profile C-level executives’ IT assets (e.g., laptop, tablet) to check for signs of compromise as soon as possible to minimize the damage
Use two-factor authentication where possible
Don't install software you weren't expecting to install (for example, if you receive an email to install a software update)
Verify unusual requests for sensitive information
Have strong, unique passwords for important accounts, such as email, banking, etc.
Have a PIN or passcode on your smartphone, in case you lose it

Unsecured wireless networks. While public wireless networks provide great convenience, allowing people to connect to the Internet from almost anywhere, they are unsecure and can allow cyber criminals access to your Internet-enabled devices. Beyond the typical public wireless networks found at airports, restaurants, hotels, and cafes, they are increasingly available in other places, such as on airplanes and in public parks.
Publicly accessible computers. Hotel business centers, libraries, and cyber cafes provide computers that anyone can use. However, travelers cannot trust that these computers are secure. They may not be running the latest operating systems or have updated antivirus software. Cyber criminals may have infected these machines with malicious viruses or install malicious software
Physical theft of devices. Thieves often target travelers. Meal times are optimum times for thieves to check hotel rooms for unattended laptops. If you are attending a conference or trade show, be especially wary — these venues offer thieves a wider selection of devices that are likely to contain sensitive information, and the conference sessions offer more opportunities for thieves to access guest rooms.

BOOKS

ADVERTISEMENT

DEFINITIONS

ADVERTISEMENT
A CYBERSECURITY FIELDGUIDE FOR EXECUTIVES

With all the daily blasts of news about cyber attacks, it can be easy to fall victim to cyber fatigue—and lose sight of where your organization sits in the scheme of things. Could your company be a target? How might hackers attack you? What would be the motivation for a...

Read more
ADVERTISEMENT
ADVERTISEMENT

QUOTES