Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
What concerns keep CEOs and other business leaders up at night? What doesn’t?
Financial results and competitive challenges are top of mind for sure. Still, today’s c-suiters also face more modern anxieties like the chance of a cyberattack on the company – or the executives themselves.
In the new economy, business executives are more and more digitally connected to family, colleagues, and work through mobile devices and social platforms. Like everyone, each leader’s digital interactions and online behaviors leave cyber breadcrumbs across the internet. Hackers can easily search for these digital clues, leaving executives susceptible to having their net worth, intellectual property, and personal reputation exploited. For example, hackers tend to follow the social media feeds of executives to learn about their activities and the colleagues with whom they regularly interact – from personal assistants to other company leaders. A hacker may be able to “crack” the credentials of these trusted colleagues, then begin impersonating them to lure the victim into sharing sensitive corporate or personal information.
What’s the end game for hackers? There could be any number of motives behind a cyber crook’s endeavors to manipulate or sabotage an executive—financial gain, political aims, even revenge, are all examples. A hacker may also target executives to sell their information to others. For example, an executive may post her workout metrics on a fitness app. Cyber-crooks can use this information to uncover the woman’s home address, which they can pass along to known buglers. Or the hacker may follow a person’s notification about attending events, knowing they will not be home at a certain time.
As the frequency—and cleverness—of digital invaders continue to increase, companies and executives require Fort Knox-like vigilance in the digital realm.
Historically, executive protection services focused on well-trained individuals recognizing and eliminating physical threats against executives and their loved ones. But in today’s connected world, companies have come to understand that executive’s online personal security practices are intertwined with their professional security practices, leaving organizations open to new potential vulnerabilities. So, keeping executives safe must also include internet monitoring for both types of activities.
Hackers thrive on finding personal details – from financial records to photos and text messages – and they don’t stop until they find a vulnerability. An inroad can come from an executive’s colleague, friend, or family member. References to names and addresses in online forums, malicious rhetoric toward them, and the presence of leaked sensitive data are all indicators of a possible threat against an executive. It’s all crucial intel that, when detected, can stop a threat from materializing.
The public evaluates organizations by the executives they employ and by the actions they take in and out of the office. Over the last decade, the number of privacy breaches causing potential reputational harm to individuals and organizations has grown significantly. Most evident is through the aftermath of the very public Ashley Madison privacy breach, where a large number of company resignations occurred following the days after the information was made publically available. Leading executive protection programs must offer digital monitoring as a core service, along with well-trained investigators. Together, these layers of security can help to anticipate cyber risks and privacy-invasive events before they occur. The key is staying one or two steps ahead of digital delinquents
Executives can feel safe 24 hours a day when they know that if their sensitive data becomes vulnerable on the web, immediate action will be taken to prevent unwanted breaches, physical safety attacks, or reputational concerns.
Executives expect protection – and respect for their privacy. Cybersecurity companies, combined with highly trained protection agents who embrace privacy by design considerations, are the right combinations to meet these expectations. Leading companies should:
Keeping pace with the ever-changing threats of digital hackers requires extensive monitoring of executives’ online activity. Harnessing the latest technology to monitor the internet is the safest, most confidential way of finding and mitigating vulnerabilities before a lawbreaking citizen finds their way to it.
Robin Gould-Soil is a recognized authority on privacy and data protection. She has been at the forefront of this burgeoning field for two decades. She has unique expertise resulting from her multi-sector experience across the corporate and public spheres, including executive roles at TD Bank Group, HSBC Canada, the Office of the Privacy Commissioner of Canada (OPC) and the University Health Network (UHN). Robin has spearheaded award-winning privacy initiatives, successfully engaged with a broad range of constituencies and peers, and built effective data protection and governance frameworks for large, global organizations.
What are the keys to a Modern Vulnerability Risk Management Program? On Tuesday, @joshuamayfield and @josh_zelonis will examine why defending your organization's digital attack surface starts with being able to discover unknowns and investigate threats: https://t.co/kCxgPW0Ckb
IGNITE is just 10 days away! RSVP now to kick off #RSAC and party with Flashpoint, @elastic, @ThreatQuotient, @Siemplify, and @RiskIQ: https://t.co/hnlh0UhHEo
The largest UK #GDPR fine was £183m in 2018 as B.A. booking website was hit by Magecart ccard skimming code. @RiskIQ worked with https://t.co/E3JRdvCMWA and Shadowserver to take down the malicious domains. https://t.co/iiH69vbKFK
The theme of this year's @cctxcanada 4th annual collaboration event is "Give and Take: Why helping others drives our success." RiskIQ's Geoff Roote explains the modern Internet Attack Surface and why defending the web is a collaborative community effort.