Serg Nvns - Fotolia
From a hacker's perspective, an executive is the highest-value target to hunt. Among the reasons for this, executives are privy to the most important and confidential trade secrets a business possesses.
In addition, executives typically have application access privileges far greater than those granted to lower-level employees. To that end, hackers exploit these accounts by electronically impersonating the executive to gain even more access through the use of social engineering, specifically in terms of a type of phishing called whaling, which targets C-level executives or celebrities. Lastly, executives by and large tend to be the worst security procedure offenders.
It is precisely because of these reasons, among others, that security awareness training for executives is so important. Not only should the training include the typical topics all other employees are schooled in, but executives should also learn about other potential attacks specific to their role within the organization.
Spies can cost businesses billions
In many cases, espionage agents specifically seek to target executives they believe are not well-versed on how to protect themselves. This includes executives who do not follow proper procedures routinely when handling data. Other times, they target execs with ubiquitous social media profiles. Spies can use this type of information as part of spear phishing scams or in traditional blackmail tactics.
The potential security pitfalls associated with corporate travel -- especially overseas -- is another area that calls for security awareness training for executives.
When executives travel to foreign countries, they must understand that they could become major targets for foreign governments and corporate competitors. It's crucial that they take extra precautions when traveling and using corporate-owned devices. This includes ensuring all laptops, smartphones and documents are always in their possession, as well as generally refusing to trust anyone with any type of sensitive information.
Additionally, security awareness training for executives who travel abroad should highlight security tactics and technologies tailored to decrease the likelihood of any data being stolen. This includes the use of burner phones, virtual desktop infrastructures and enterprise mobility management tools.
Dig Deeper on Security awareness training and insider threats
Related Q&A from Andrew Froehlich
Making it easier for companies to deploy a SIP trunk was just part of Twilio's strategy. It was Twilio SIP trunking pricing that really changed the ... Continue Reading
As remote work becomes increasingly normal, IT teams must decide which remote access technologies will benefit employees more. VPN and cloud services... Continue Reading
NG911 standards mean more accurate location tracking for emergency calls on IP-based communications systems, and more efficient response by police, ... Continue Reading