Serg Nvns - Fotolia
From a hacker's perspective, an executive is the highest-value target to hunt. Among the reasons for this, executives are privy to the most important and confidential trade secrets a business possesses.
In addition, executives typically have application access privileges far greater than those granted to lower-level employees. To that end, hackers exploit these accounts by electronically impersonating the executive to gain even more access through the use of social engineering, specifically in terms of a type of phishing called whaling, which targets C-level executives or celebrities. Lastly, executives by and large tend to be the worst security procedure offenders.
It is precisely because of these reasons, among others, that security awareness training for executives is so important. Not only should the training include the typical topics all other employees are schooled in, but executives should also learn about other potential attacks specific to their role within the organization.
Spies can cost businesses billions
In many cases, espionage agents specifically seek to target executives they believe are not well-versed on how to protect themselves. This includes executives who do not follow proper procedures routinely when handling data. Other times, they target execs with ubiquitous social media profiles. Spies can use this type of information as part of spear phishing scams or in traditional blackmail tactics.
The potential security pitfalls associated with corporate travel -- especially overseas -- is another area that calls for security awareness training for executives.
When executives travel to foreign countries, they must understand that they could become major targets for foreign governments and corporate competitors. It's crucial that they take extra precautions when traveling and using corporate-owned devices. This includes ensuring all laptops, smartphones and documents are always in their possession, as well as generally refusing to trust anyone with any type of sensitive information.
Additionally, security awareness training for executives who travel abroad should highlight security tactics and technologies tailored to decrease the likelihood of any data being stolen. This includes the use of burner phones, virtual desktop infrastructures and enterprise mobility management tools.
Dig Deeper on Security awareness training and insider threats
Related Q&A from Andrew Froehlich
Migrating to UCaaS doesn't mean organizations need to leave legacy hardware behind. But organizations must ensure UC devices are compatible with ... Continue Reading
Cost, complexity and interoperability issues with existing network components are some of the weaknesses of SD-WAN that organizations need to ... Continue Reading
A migration from WPA2 to WPA3 is not simple. Organizations may need to update their hardware extensively to accommodate the newer Wi-Fi encryption ... Continue Reading