How can CSOs protect their CEO?

Company leaders are certainly targets, just ask Facebook’s CEO Mark Zuckerberg and Uber CEO Travis Kalanick

1 ceo target threat
Thinkstock

A target

Cybersecurity attacks are on the rise with data breaches occurring more frequently every year. Every employee is at risk for being the entry point into an organization’s network however your more visible employees may be an easier target. CEOs have a high level of visibility outside the organization and attackers can leverage the data they collect as a way to target them for cybersecurity attacks. Organizations can help protect your CEO from cybersecurity attacks by leveraging the following tips provided by security company Spirent’s David DeSanto. 

 

2 two factor
Thinkstock

Leverage two-factor authentication where possible

Use something you know with something you have (and voila you have two-factor authentication). Most applications and services offer the ability to integrate with two-factor authentication solutions which extend the security of the login process. Make sure to take the advantage of all the features the two-factor authentication company offers as some of them offer single sign-on functionality.

 

How can CSOs protect their CEO?
Thinkstock

Limit sensitive data on social media

In today’s society, it is common to put data (and sometimes a lot of data) out on social media. This includes items like birthday, home town and favorite sports teams on sites like Facebook and LinkedIn. This data is ripe for the picking for someone who would want to use this data to gain access to data without permission.

 

 How can CSOs protect their CEO?
Thinkstock

Password reset question management

These commonly include items like “What is your favorite sports team?” or “Where did you go to college?”. For executives, this information may be available online on sites like LinkedIn. Instead of correct answers, choose fake answers unique to that site. An example answer to “What is your favorite sports team?” could be “Holy Moly Avocado Stromboli”.

 

CSOs protect their CEO?
Thinkstock

Choose tethering instead of public wifi

A key component of being an executive is traveling (including visiting customers and attending conferences). Wireless networks, especially free ones, are prone to being spoofed as well as fake (or not official) options may be broadcasted as available. To confirm your CEO (or any executive) is using the securest connection available while traveling, choose tethering to a mobile device or mobile hotspot.

 

6 updating software mobile
Thinkstock

Keep all software up-to-date

Most modern operating systems make it really easy to keep them up-to-date. It is important to keep all installed software up-to-date including Adobe Reader, Java and third party web browsers (like Google Chrome and Mozilla Firefox). Also, remove any software that is not needed. This will help limit the amount of software that needs to be kept up-to-date.

 

CSOs protect their CEO
Thinkstock

Use local security software

Though anti-virus solutions seem very common today, a complete solution offering more than just file scanning can increase security. Solutions today can include host IPS, URL filtering and other features increasing the protection they offer. Running up-to-date local security software can help protect endpoints (laptops, desktops and mobile devices) from attacks and malware.

 

8 encryption
Thinkstock

Encrypt laptop hard drive(s)

Sometimes the easiest way to get access to data is physical access. The best way to circumvent this (or make this a much harder path) is to encrypt device hard drives (including laptop hard drives). Most modern operating systems offer an included solution for free and there are solutions available for purchase as well.

 

9 ceo teach
Thinkstock

Teach best practices from CEO down

It is important that security best practices are taught and led from the top down within an organization. Examples of best practices would include not clicking on links unless you were expecting the link from the sender, only install approved applications onto your devices (i.e., don’t install freeware/shareware from the internet) and only browse legitimate, work-related websites from your work devices.

 

10 threat landscape apocalypse ruins
Thinkstock

Use security tools that provide a complete view of your threat landscape

There are multiple types of tools available to security teams today however very few can fully emulate an enterprise network completely. Choose tools that provide fully emulated network traffic at scale as well as can run the latest attacks and malware.

 

CSOs protect their CEO
Thinkstock

Use external security experts

Organizations today are beginning to staff their own security teams as a way to be proactive to today’s threats. However, leveraging external security experts allow you to extend your security team to provide fresh eyes to your environment.

RELATED: 10 whaling emails that could get by an unsuspecting CEO