Digital Executive Protection Programs: Why Every Board Member, Executive, and High Access Employee Should be Covered

Best-in-class organizations like the National Association of Corporate Directors (NACD) have found that Digital Executive Protection is no longer discretionary; it is fundamental to protecting corporations and the individuals who manage and oversee them. The following paper describes how threat actors are attacking board members, executives, and high access employees, and how Digital Executive Protection Programs can turn the tide against them.

Social engineering is the use of publicly available personal information of employees, executives, and board members to gain access to company information, accounts, and/or finances. A criminal can typically build up a detailed image of their victim by combining the information from their employee page on the company's website, their LinkedIn profile, their Twitter profile, and their Facebook profile.

To stand guard against similar cybercriminals who seek to exploit prominent figures, Digital Executive Protection will flag all information that could be used against you in a social engineering attack. Some examples of Digital Executive Protection at work might include removing information from an inactive Myspace account or requesting that your child removes a photo they posted in front of your home that displays your vehicle's license plate.

Employees of all levels have large amounts of personal information, including but not limited to their phone number, home address, email address, vehicle information, and voter information. This information, often available through high-level data aggregators and collectors, can be used in doxing attacks or otherwise used for malicious intent against your organization's personnel. Digital Executive Protection can detect where this information is located and remove it before it gets into the wrong hands.

It is no secret that board members and executives hold highly valuable and sensitive information for their organizations. Knowing this, cybercriminals will try to gain access to accounts and networks that contain this lucrative information. Reusing passwords is one way cybercriminals are able to access confidential accounts. Millions of emails are compromised, and passwords are breached every year, making highly sensitive information freely available on the deep and dark web.

The Fortalice Fix