Part of an executive team? You might be the biggest security risk to your business
Date:
Tue, 31 Oct 2023 12:50:58 +0000
Description:
New research finds executives are more likely to share passwords, click on phishing links, and share work devices with friends and family.
FULL STORY ======================================================================
New research has found that executive leaders are putting their businesses at risk with much looser security practices than their underlings.
The study from Ivanti found executives are the most likely to be targeted by threat actors, making the possibility of a successful phishing campaign or malware attack even higher.
The shocking discrepancy between the security protocols practiced by cybersecurity professionals and their executive leadership can have real consequences. Do as I say, not as I do
The company's Executive Security Spotlight report examined the security
habits of office workers, security professionals and leadership executives from across the globe found that despite increasing support and investment in cybersecurity, 49% of executives have requested to bypass security protocols.
Moreover, executives are three times more likely to share their work devices with friends and family than office workers, and one in three admitted to accessing unauthorized data. But that's not all, 77% use birthdates, pet names, or other easy to remember information in their passwords.
Security professionals within businesses are struggling to combat the risks posed by executives due to a number of factors. Due to over-burdening and under-staffing, almost two thirds (60%) of CISOs said they had experienced burnout in the past 12 months. Combine this with executives frequently violating security protocols under the guise of just-this-once-ism and it's understandable why security teams have difficulty improving executive behaviors.
Its no wonder then, that executives are twice as likely to describe their interactions with their security team as awkward and embarrassing compared to other office workers. Executives are also four times more likely to use external, often unapproved, tech support rather than consult their own IT team.
The emergence of spear phishing attacks targeting executive level employees has potentially led to an increasing number of executives being targeted by these scams. Almost half (47%) of executives said they had been targeted by a phishing scam in the past 12 months, with 35% of those clicking on a phishing link or sending money to a scammer.
"There's a 100% chance your organization has been phished in the last year. It's the #1 way threat actors get that initial foothold in your network. We need to make sure that we account for that, and don't just assume people will 'know better' or that a phish will be overly obvious," noted Ivanti Chief Security Officer Daniel Spicer. More from TechRadar Pro SMEs don't want to
use AI - it's not safe enough for them Why theres no one-size-fits all solution to security maturity We've also listed the best ransomware
protection
======================================================================
Link to news story:
https://www.techradar.com/pro/part-of-an-executive-team-you-might-be-the-bigge st-security-risk-to-your-business
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)