1. Safeguarding Your Biggest Cybersecurity Target: Executives

    Safeguarding Your Biggest Cybersecurity Target: Executives

    Safeguarding your biggest cybersecurity target: Executives Safeguarding your biggest cybersecurity target: Executives Top execs make big targets, especially when traveling abroad. Here’s how to protect C-level officers from whaling, espionage, and themselves...

    Read Full Article

    Login to comment.

  1. Categories

    1. BoardProspects Features:

      BoardBlogs, BoardKnowledge, BoardMoves, BoardNews, BoardProspects Announcements, BoardProspects CEO, CEO Blog, In the News, Partner Publications, Question of The Week, Sponsored Content

    1. Executives are targeted for their access and influence within organizations, especially those whose purview includes sensitive financial data or personally identifiable information.
    2. Of course this will include the usual suspects in the C-suite, but it is no longer restricted to the boardroom.
    3. Executives need to internalize that they are targets.
    4. Every statistic I've seen shows that executives are the least likely to adhere to policies that they expect everyone else to follow.
    5. For instance, the mail server needs to make it mandatory for smartphones to have encryption enabled and password lock enabled in order for access to corporate email to be allowed.
    6. We have found that for our executives in higher education, hard fencing — placing digital boundaries — of any sort does not work.
    7. When thinking of recent threats that destroyed leaders and their organizations, phishing attacks and ransomware are not getting the press they deserve.
    8. Commingling different security requisites onto one single device is a disaster waiting to happen.
    9. This can only be achieved when senior management is convinced that personal and operational cyber defense must be discussed at length with seriousness and intent to change behavior.
    10. These attacks historically have a high success rate.
    11. We encounter frequent and increasingly sophisticated email attacks on executives and the accounting department.
    12. It is the typical spoofing attack trying to trick someone into paying to what looks like a legitimate site or bank.
    13. When travelling to certain high-risk regions in the world, there must be an expectation that any device executives travel with will be copied when crossing the border.
    14. When returning, laptops and other data storage devices should be treated as if they had malware installed and go through a routine wipe prior to re-use or connected to the corporate network.
    15. We provide both Mi-Fi cell units and encourage staff to use their own phone hotspots and pay them to use them.
    16. We suggest starting not with the individuals, but with the critical information assets that an organization is trying to protect.
    17. Whichever area you are examining it is important to take into account three primary sets of threats: adversarial, accidental, and environmental.
    18. If these folks are required to access sensitive information, better to look at encryption, at virtual network solutions, and above all else at education and training.
    19. Security teams should augment their standard employee security awareness training with additional guidelines and details for executives, highlighting the greater risk and information exposure executives face because of the more public-facing aspect of their positions.
    20. Effective security, now more than ever, requires an understanding of how information is accessed and used at all stages of the lifecycle, at all times of day and in all variety of locations.
  3. Topics Mentioned

  4. Authors