How to Build Cyber Security for Executive Protection Against Personal Threats

TL;DR: Security teams can build cost-effective cybersecurity programs around their executives’ personal accounts and privileges by removing their data from core exposure sources like data brokers.

• DeleteMe delivers cybersecurity for executive protection by keeping personal data away from cybercriminals.

Even seemingly innocent information can be exploited by cybercriminals. Protect executives’ cybersecurity by keeping that information private.

Cybersecurity for Executive Protection Starts with Technical Controls

A program to protect executives from cyber threats can include security controls like:

• Advanced threat detection controls: Software like antivirus (AV) and endpoint detection and response (EDR) that look for malware in real-time on an executive’s device or the software they use. 
• Device and application access management: Access control here means making sure that only executives can access their accounts, devices, and applications. It is a fundamental part of cybersecurity for executive protection. Even though executives might never want their workflows interrupted, controls like multi-factor authentication, biometric security, and zero-trust access protocols can significantly reduce their cyber risks. 
• Incident response & continuous improvement: Data breaches and other executive cyber security risks can never be 100% protected against. However, they can be contained with a well-practiced incident response plan that addresses breaches as they happen and learns from them to improve defenses. When an incident occurs, everyone should know who does what, when, and what happens next to stop incidents from spiraling. 

These are some of the processes and technologies on which cybersecurity for executive protection depends on.

The best executive cybersecurity programs are built on having layers of preventive and corrective controls to make incidents less likely and, if they do happen, less dangerous to business continuity and executive reputation. 

But Technical Controls Alone Will Not Protect Executives from Cyber Risk 

Many organizations deploy technical preventive controls but fail to secure executives’ personal information, which enables the majority of data breaches and phishing incidents. 

When executives’ personal information is exposed online, it can put them at risk of cyber threats like:

• Identity theft & financial fraud: With enough personal details, attackers can impersonate executives to commit fraud, including making unauthorized bank transactions or opening fraudulent accounts.

• Social engineering: Detailed personal data enables more convincing spear-phishing or whaling attacks, where emails or texts are tailored to trick executives into sharing sensitive information or installing malware on their devices.
• Account takeover: Knowledge of personal details (e.g., birthdays, names of family members) can help attackers guess passwords, answer security questions, or bypass multi-factor authentication (MFA) through techniques like MFA fatigue or SIM swap attacks. For example, the cybercriminal group LAPSUS$ is known to contact help desk personnel at targeted organizations with the goal of convincing them to reset the credentials of privileged accounts. They often do so by providing answers to recovery questions like a mother’s maiden name or the first street they lived on.
• Corporate espionage: Competitors or adversaries can use publicly available executive data to get executives to divulge corporate secrets or lure them into compromising situations.

Stopping Executive Information from Being Exposed Online

It’s not hard for cybercriminals to find executive personal information online. 

Executive information is often listed on employer websites and corporate social media pages. 

Additionally, criminals can find executive data through public records, crowdfunding platforms (which often show up when you search for an executive’s name and which are great for giving criminals an idea of what causes an executive is interested in), online forums, personal social media pages, and public gift wish lists.

There are also data brokers and people search sites, which make executive data collection particularly easy. 

What are data brokers?

Data brokers (sometimes known as people search sites) are companies that collect, aggregate, and sell personal information about individuals, including executives and their family members. 

Anyone can use data brokers and people search sites to find information about executives, including their home addresses, phone numbers, email addresses, marital status, education and employment history, links to social media profiles, and more. 

Besides “normal” people search sites and data brokers, there are also B2B data brokers, which can include org charts, affiliations and memberships, and employee quotes from press releases. 

How data brokers amplify cyber threats to executives

Data brokers aid cybercriminals targeting executives by:

• Aggregating data: Instead of piecing together disparate bits of information from public records and social media, cybercriminals can access a comprehensive dossier from one source. Data broker information is often accessible through simple searches on Google and other search engines.
• Enhancing social engineering: With a complete picture of an executive’s personal life, attackers can create highly personalized and convincing scams.
• Escalating attack scale: Automation and AI make it easy for threat actors to exploit these dossiers on a large scale. 

Case study: How criminals exploit data brokers to target executives with cybercrime

Cybercriminal groups like Conti have dedicated open-source intelligence (OSINT) teams that harvest publicly available data on victim organizations. 

These teams collect information from a target’s official website and other online sources. In internal Conti communications, there are references to data broker databases that provide valuable details, including names and contact information of high-profile individuals. 

Cybercriminals leverage this information to identify targets for spear-phishing campaigns and to improve the credibility of their social engineering attacks by “name-dropping” verified contacts. 

Deploying an Executive Personal Data Protection Solution 

To reduce the risk of cyber attacks targeting executives, remove their information from public sources. 

Removing executive data from the web involves auditing internet sources like company sites, social media pages, and data brokers for personal executive information and, where possible, removing it. 

Because data brokers are known to republish information when they collect more information, opt-outs from these companies need to happen continuously. 

Specialized data broker removal services can be used to keep your organization’s executives’ personal information out of reach of criminals.