Corporate Cyber Threats and the Need for Executive Protection

The most lucrative targets of cyberattacks are Fortune 500 board members and CEOs, many of whom are forced to resign over catastrophic breaches.

We recently discovered a senior executive at one of our customers was being targeted by a threat actor associated with a terrorist organization! While unusual, this is not rare.

Not long ago, executive protection was more closely associated with the physical security space than virtual, but in this new era of cybercrime, executives are increasingly the target for cyber attacks.

A recent Forbes survey found 84% of executives had been subject to at least one attack in the past year. Due to the vast amount of sensitive information the C-Suite and boardroom hold, they make for an obvious target – and, as you’ll soon find out, an easy one.

The numbers don’t lie. Research shows that almost 40% of IT decision makers believe the weakest link in their cybersecurity operation is, you guessed it, the CEO. The pandemic has only intensified this issue and scammers have impersonated more than 7,000 CEOs since March. Who can forget the July 2020 Twitter hack involving the accounts of Elon Musk, Bill Gates, and Barack Obama?

Right now, there are billions of breached and leaked identity records circulating throughout the surface, social, deep, and dark web. Threat actors leverage these compromised credentials to build digital profiles and personalize their attacks – phishing scams, social media fakes, account takeover, etc. – when targeting corporate executives, celebrities, and many others. It should be noted that not only are executives at risk, but so are their companies and even their companies’ supply chains.

Executives are merely an entry point for threat actors looking to wreak financial havoc.

Beyond safety, finances, and security, livelihoods are at risk – Kaspersky Lab found in North America, one-third of breaches resulted in a C-level executive losing their position. Luckily, there are steps a corporate leader can take to reduce the likelihood of having their identity compromised, inadvertently putting the organization at risk of further harm:

  • Install anti-virus, personal firewall software, and update applications often on all devices.
  • Use strong (meaning unique, complex) passwords across all sensitive accounts and change them relatively often. A password manager can help you store, generate, and manage passwords.
  • Turn on multi-factor authentication, when possible.
  • On social media, review your privacy settings and reveal the absolute minimum about yourself.
  • Set up a VPN when working from home or out in public.
  • Implement mandatory cybersecurity awareness training for all employees.

Companies large and small, public and private, use Constella’s technology and services to identify exposed information about executives, such as potential impersonations, where they are referenced, by whom and in what context. Our platform – which provides the most sophisticated breach collection and curation process in the industry, protecting over 30 million consumers – helps enterprises of all sizes make quick, informed decisions for remediation and takedown of risks to key executives.

Keeping up and protecting your executives with their fast-paced, high-profile lifestyles requires significant time, expertise, staff and tools. Without adequate resources and protection in place, it is almost impossible to protect them from financial, physical, and reputational harm. Our comprehensive real-time monitoring and proprietary analytics are designed to keep organizations one step ahead of danger, providing advanced anticipation and early warning.

The world’s major public, private and non-profit organizations rely on Constella’s Executive Protection services to safeguard their most critical executive and organizational interests. Learn more about Constella Executive Protection here.

By Kailash Ambwani, CEO at Constella Intelligence

 

© 2021 Constella Intelligence. All rights reserved. Website Privacy Policy. Terms of Use. Datalake Privacy Notice. Acceptable Use Policy.