Serg Nvns - Fotolia
From a hacker's perspective, an executive is the highest-value target to hunt. Among the reasons for this, executives are privy to the most important and confidential trade secrets a business possesses.
In addition, executives typically have application access privileges far greater than those granted to lower-level employees. To that end, hackers exploit these accounts by electronically impersonating the executive to gain even more access through the use of social engineering, specifically in terms of a type of phishing called whaling, which targets C-level executives or celebrities. Lastly, executives by and large tend to be the worst security procedure offenders.
It is precisely because of these reasons, among others, that security awareness training for executives is so important. Not only should the training include the typical topics all other employees are schooled in, but executives should also learn about other potential attacks specific to their role within the organization.
Spies can cost businesses billions
In many cases, espionage agents specifically seek to target executives they believe are not well-versed on how to protect themselves. This includes executives who do not follow proper procedures routinely when handling data. Other times, they target execs with ubiquitous social media profiles. Spies can use this type of information as part of spear phishing scams or in traditional blackmail tactics.
The potential security pitfalls associated with corporate travel -- especially overseas -- is another area that calls for security awareness training for executives.
When executives travel to foreign countries, they must understand that they could become major targets for foreign governments and corporate competitors. It's crucial that they take extra precautions when traveling and using corporate-owned devices. This includes ensuring all laptops, smartphones and documents are always in their possession, as well as generally refusing to trust anyone with any type of sensitive information.
Additionally, security awareness training for executives who travel abroad should highlight security tactics and technologies tailored to decrease the likelihood of any data being stolen. This includes the use of burner phones, virtual desktop infrastructures and enterprise mobility management tools.
Dig Deeper on Security awareness training and insider threats
Related Q&A from Andrew Froehlich
Infosec pros need to mitigate traditional cyberthreats, as well anticipate sophisticated, emerging threats. Learn how to build a threat management ... Continue Reading
Advances in security tools are changing threat management processes. Learn how infosec pros are utilizing UTM platforms, AI and threat intelligence ... Continue Reading
The role of CISO in network security goes beyond risk management. It also requires understanding compliance regulations and business needs, as well ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.