Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
It’s near impossible to hide online. No matter how under-the-radar an executive tries to be, it’s not just notoriety that attracts attention anymore — it’s their access to wealth, power, and information.
In April, it was announced that Facebook CEO Mark Zuckerberg’s allotted security budget was $20 million in 2018 — four times the amount he received for security in 2016. Meanwhile, there are executives like Larry Ellison, whose security spending has declined in recent years, even though his net worth has risen.
It is flawed logic to think that because a billionaire practices stealth wealth, or “flies under the radar,” that he or she is not going to get caught in a hacker’s crosshairs. A company’s C-suite, leadership teams, and board of directors are all sources of sensitive, privileged, and confidential information. This makes them prime targets for hackers, regardless as to whether the public knows their names, because hackers don’t care why you have money — they just care that you do.
CEOs can easily become victims of fraud via business email compromise/email account compromise attacks, which, according to FBI statistics, is now a $12 billion scam. And when private information about these high-net-worth individuals is exposed online, it carries a high degree of risk for that individual, their families, associates, and his or her business. This is because even if an executive hides from Forbes’ list of the world’s billionaires, any of their data in the digital world is fair play. Cybercriminals practice the utmost due diligence to identify targets and exploit their most private details. A cyberattack of surgical precision can happen to anyone at any company.
Consider the example of Sony. The FBI believes North Korean hackers accessed the company’s networks and stole data — including unreleased movies, financial information, company plans, and personal emails — before publishing it for the public. The hit to the company’s reputation was overwhelming. “Investigation and remediation expenses” related to the hack cost Sony $41 million, according to the Associated Press. And before this scandal, it’s likely the exploited Sony employees were household names, yet they still played a critical role in the breach of data.
Most importantly, digital assailants no longer remain hidden behind computer screens holding a company’s hardware hostage with ransomware. The lines between cyberattacks and physical attacks are increasingly blurred.
Ten years ago, a person’s constant public exposure would have had a strong correlation with needing increased security. There was far more exposure to these people than those who laid low. Back then, an executive’s security team would audit their physical space, installing alarm systems, security cameras, and assigning a bodyguard. However, that level of security falls short by itself nowadays. According to one report, “Traveling executives have been the target of kidnapping plots in certain parts of the world, and several foreign individuals were detained in China as possible retaliation to Huawei’s CEO being arrested in Canada.”
Executives need boots on the ground and savvy hands online. By scouring the web for sensitive information related to an individual, cybersecurity teams can quickly handle credible threats and escalate them to physical teams when necessary.
The executives who have the most sophisticated security see safety holistically. No longer are digital threats isolated to the abstract space of the internet. Physical security teams must work with digital counterparts to understand risks in both worlds and develop a plan that protects against it all because, after all, it’s near impossible to hide on the internet.
Executives are 12 times more likely to be the target of security incidents and nine times more likely to be the target of data breaches than they were last year. With financial losses related to reputational attacks ballooning above 400% between 2012 and 2017, much of it from leaked information, organizations can no longer afford to ignore the risk of C-suite’s attack surface.
For over a decade, RiskIQ has been protecting the digital attack surfaces of Fortune 500 IT organizations by giving them internet-wide visibility into the risks associated with their business and the threats targeting them. Now, with IT threats have shifted toward these organizations’ most prominent individuals, the C-suite, RiskIQ is applying our technology to protecting this critical attack vector.
Individuals protected by RiskIQ Executive Guardian can bring their physical and cybersecurity teams together to understand risks in both the physical and digital landscapes, developing a plan to defend them, 24×7. In addition to our petabytes of data collected over ten years, we’ve built a team of former CIA officers who have previously built corporate intelligence programs for some of the largest tech companies in Silicon Valley.
RiskIQ Executive Guardian detects the presence of breach data or unwanted information about individuals and their families online, helping prevent financial, reputational, and even physical attacks. Some of the world’s most high-profile business leaders are using RiskIQ Executive Guardian™ for a 360-degree view of their online risk.
Learn more about RiskIQ Executive Guardian here.
Magento Urges Users to Apply Security Update for RCE Bug - by @serghei
Via @Forbes, RiskIQ is the digital threat hunter using AI to define the future of #CyberSecurity #ThreatHunting #AttackSurfaceManagement https://t.co/cngRYJYWXe
Your attack surface today will not be your attack surface tomorrow. Securing your business now requires a new, adaptive approach. Here are the top 5 priorities for Attack Surface Management https://t.co/wZK5CotxQL
Your company's attack surface is continually evolving, and your security posture changes with it. In this blog post, find out why M&As mean acquiring not just a new company but also a whole new attack surface https://t.co/6u74UWoYDk
RiskIQ was named a Strong Performer in The @forrester Wave™: Vulnerability Risk Management, Q4 2019. Find out why https://t.co/eURschPuZc