Most high-profile executives can be easier targets, as they are usually absent from the routine security training that now exists in most firms. Over 80% of breaches or threats result from common-sense security protocols not being implemented by the executive or his/her immediate staff.
These can include:
- Not doing routine upgrades on personal machines
- Accepting or using random memory drives
- Not having apps verified by IT/security departments before installing on phones, tablets or computers
- Leaving an office unlocked or making it accessible
- Taking sensitive work home
- Using generic email addresses (Gmail, Hotmail, etc.) for work
- Not having the latest anti-virus or internet security software installed
- Giving low-level IT staff access to Super Admin on company servers
- Not having a security filter installed on company emails
- Lack of proactive cyber scanning for threat chatter or discussion relating to the executive
- Using unverified cloud backup services
- Not using a shredder (old school trash digging is still done by serious adversaries)
- Using public Wi-Fi
- Never changing passwords or using weak passwords
- Not doing due diligence on vendors and giving them access
- Randomly clicking links on “alarming emails” or alerts (designed to make you click)
(This is by no means a complete list)
Nice. Keep up the good work. Cheers!!