Although executive protection is not a new concept, it is increasingly becoming one of the responsibilities associated with CISOs and their teams, who are expected to protect key employees from third-party threat actors.
So what exactly does executive protection entail? At the highest level, it is a comprehensive security solution designed to address physical and cyber threats against executives, VIPs and other high-value individuals. The convergence of digital and cybersecurity threats is resulting in an increase in the frequency and complexity of threats to executives and key personnel. Executives are twelve times more likely to be targeted in a cyber-attack, and sixty-nine percent of executives report a dramatic increase in physical threats. Effectively managing threats to employees is crucial, as an attack on an individual employee or family member is a potential vulnerability and attack surface for your organization that can result in reputational damage, IP theft, and financial loss.
An employee’s digital footprint can present a significant risk. Normal, seemingly innocuous activities such as social media posts and digital real estate listings can be combined with other online information, including public records and leaked data, to create digital and physical threats to the employee, their family, and their employer.
Executives and employees should be aware of the following exposures:
- Pattern of Life Exposure: These are details that an employee (or family member) shares via social media and other digital channels. Threat actors leverage these details to establish a pattern of life to facilitate stalking, surveillance, and harassment.
- Personally Identifiable Information (PII): Unintended exposure of personal information continues to create a risk to executives. A wide range of data (including utility records, voting records, property records, campaign donations, and more) can be used by threat actors.
- Doxxing: Doxxing refers to the intentional publishing of an individual’s sensitive or protected identifiable information on the open internet. Doxxing is increasingly used to blackmail, threaten, and intimidate executives and their family members.
- Credential Theft: C-suite credentials are a prime target for hackers. Executives suffer from the same poor cyber hygiene as their subordinates, though they have access to more information. Password reuse and risky online site engagement are not uncommon.
- Business Email Compromise: Attackers can dupe employees by posing as an executive or emailing a finance department member with an urgent request for a funds transfer. Despite cybersecurity education, employees continue to fall for these attacks.
- Opinion Outrage: Expressing opinions on controversial issues can make executives the target of activists or hacktivists. Issues that may not relate to the business can cause outrage and motivate attacks.
- Impersonation and CEO Fraud: Fraudulent emails, phone calls, text messages, and in some cases, deep-fake videos are used to prey on employees and associates of executives.
An individual’s digital footprint can exist outside of a professional organization’s firewall. Moreover, traditional cybersecurity technologies and services are not built to identify, investigate, or prevent attacks on employees from external threat actors.
We recommend the following steps to maintain digital and cyber safety:
- Identify: A comprehensive risk assessment enables organizations to understand executives’ and key personnel’s digital footprints and identifies risks and potential threats. The assessment must include social media, extremist forums, and the deep and dark web, where risk indicators and emerging threats are most often discovered.
- Investigate: Effectively managing human risks, including threats to employees, requires the ability to conduct investigations that deliver actionable insights and identify the source of threats. While critical to shutting down threats, attribution is complex and requires specialized expertise, tradecraft, and technology.
- Prevent: Minimize risk by tracking and addressing vulnerabilities within employees’ digital footprint. Regularly removing PII from online databases reduces exposure for key personnel. Additionally, proactive monitoring and timely alerts are critical for employees with a high risk profile.
Conclusion:
Threats to employees are a real and growing risk for businesses, especially as digital threats increasingly manifest in the physical realm. Identifying and addressing these risks early is essential to prevent harm, but can be a complex task. Integrating executive protection capabilities that span the cyber and physical domains into your security program enables you to proactively reduce threats and mitigate risks to your executives and high-profile personnel. Protect your company from these human risks that pose substantial business risks. Your leadership will thank you for it.