Many CEOs think they are immune to hackers, at least that’s what a new report from The Bunker, a cloud security firm, says. According to The Bunker, these findings are ironic given that CEOs are the ideal victim.
According to the report, Are You the Weakest Link? How Senior Executives Can Avoid Breaking the Cybersecurity Chain, many senior executives ignore the threat from hackers and cybercriminals and often feel that security policies in their respective organisations do not apply to their unique position.
Executives waking up to cyber threats: how should they approach them?
In reality, their often privileged access to company information makes their personal accounts extremely valuable to exploit and heightens the need for extra care.
Professional hackers and adversaries will usually do a thorough investigation into a senior executive or board level director, including full analysis which could entail in-depth monitoring of the company website and associated social media accounts (including employees and their extended networks).
It appears that many CEOs commonly view cyber security as a responsibility for the IT department only. In reality, IT security has now become a remit for all individuals.
“All employees — especially those at the top of the corporate ladder — need to realise that cybercriminals use social engineering, email phishing and malware to access personal accounts, and C-level staff especially need to avoid becoming the weakest link in the cybersecurity chain by adhering to regularly updated, company-wide security policies regarding data sharing and backup,” said Phil Bindley, Managing Director, The Bunker.
“Reviewing corporate policies, with a focus on people, premises, processes, systems and suppliers will provide valuable insights into which areas to improve, and by championing a ‘security first’ corporate culture, organisations and their senior executives will be well positioned to avoid the high financial costs, reputational damage and unexpected downtime that could result from a cyberattack or data breach.”
Is cyber security finally on the CEO’s agenda?