Blog
Sayers Fundraiser Aims to Reach $50,000 in Support of St. Jude Children’s Research Hospital
Read More
Recent headlines of online and physical attacks against senior executives have placed executive safety in the spotlight. Are your company execs receiving the security and monitoring required to keep them and their data safe?
According to the 2024 GetApp Executive Cybersecurity Survey of more than 2,600 global IT and cybersecurity professionals:
72% of US senior executives have been targeted at least once by a cyberattack in the last 18 months. 69% of respondents whose company’s senior executives were previously targeted say cyberattacks against senior members of staff have increased.
Amid this rising threat, the elevated access and influence of executives make them increasingly attractive targets for attacks such as online tracking, impersonation, and physical threats.
Executive monitoring and protection extends cyber and physical security beyond office walls. Solutions range from digital monitoring to enhanced home network security and personal device protection.
Cyber attackers view executives as a weak link in the ability to protect digital assets, due to basic cybersecurity mistakes such as using weak passwords. Compounding that risk is the need to protect executives’ physical safety.
According to a Ponemon Institute Survey: Understanding the Serious Risks to Executives’ Personal Cybersecurity and Digital Lives, executives have heightened security risks such as:
• Elevated access and influence in the organization. Executives are more likely to have access to sensitive financial or project data. Their hierarchy and influence on other organizational members also make them impersonation targets.
• Strong ties to organizational reputation. Executive actions inside and outside of work (even at a Coldplay concert) can reflect positively or negatively on the organization.
• Custom access controls and rights. Some members of the C-suite are known to request special access rights allowing them to bypass security requirements such as multi-factor authentication. Bad idea.
Attacks can occur in both the digital and physical realms. Methods include online tracking and bullying on social media accounts such as Facebook and LinkedIn.
Cybersecurity attackers have targeted executives’ private email addresses and their home networks to bypass organizational networks protected by intrusion detection and prevention.
According to the Ponemon Institute survey, executives have experienced threats including malware infections on personal or family devices (56%), email compromise(42%), online impersonation (34%), ransomware (31%), and physical attacks such as swatting (25%). Swatting involves false reports of a serious crime to prompt a police response, particularly SWAT teams, to the home.
Some companies that have turned to organization-wide monitoring of corporate assets, domains, and email addresses think it will protect their executives as well.
General monitoring tools for the dark web, deep web, open web, and social media traditionally have been organization-focused, with a corresponding business-focused response. Such responses include domain takedowns of malicious content or reporting of phishing attempts.
Joe Schnell, Senior Cybersecurity Architect at Sayers, says:
“We’ve seen customers take executive information including the C-suite’s personal email address, home address, and other personal information, and add those as assets to be monitored. This will give visibility into potential attacks, but the responses are all business-focused, so it’s not going to help clean up that personal type of information that’s getting out there.”
Current executive-focused protection and monitoring capabilities fall into three tiers:foundational, enhanced, and elevated.
Foundational capabilities include the basics of securing an executive’s digital presence:
• Social media monitoring
• Clean digital footprint
• Open/dark/deep web monitoring, ranging from compromised email addresses to potential chatter around targeting an executive
• Data broker cleanup to improve online privacy by removing personal information from data brokers and people search sites
• Executive education to help executives improve their online safety and increase awareness of their digital presence.
According to the GetApp survey:
87% of IT and cybersecurity professionals agree senior executives should receive more cybersecurity training than other employees.
Enhanced capabilities extend protection to the home for executives and their household members, including:
• Home network hardening, such as putting firewalls in place
• Home network monitoring to identify threats
• Personal device protection that places enterprise-level endpoint security on personal devices
• Personalized threat communication with executives that respects their privacy.
Elevated capabilities go beyond the digital realm to offer physical protection of executives and their homes, including:
• Property monitoring with onsite cameras
• Travel security, whether traveling overseas or across the country
• Physical executive protection
• Beyond adversarial threats to include protection during natural disasters or political unrest
A variety of vendors offer executive monitoring and protection services that align with these three tiers.
Foundational capabilities:
• Sayers offers digital footprint discovery, executive education, and regular check-ins to help from a digital security perspective.
• 360 Privacy monitors dark web, deep web, and social media for potential risks and threats, and offers executive education.
Enhanced offerings:
• Nisos provides foundational capabilities on either a one-off or recurring basis. They also offer enhanced capabilities including home network monitoring and hardening.
• BlackCloak offers home network hardening and personal device protection for executives and household members. They communicate threats to both the executive and the internal organization while maintaining executive personal privacy.
• VanishID offers foundational and enhanced capabilities, using agentic AI to power their executive protection. This can include monitoring and takedowns of malicious digital content.
Elevated services:
• Global Guardian includes enhanced capabilities such as protecting executive home networks and devices, as well as elevated services for physical protection such as bodyguards and traveler security.
Questions? Contact us at Sayers today to discover extensive technology solutions, services, and expertise to cover all areas of your business.
