Large amount of publicly exposed Personal Identifying Information of Corporate executives makes phishing attacks more effective

Summary

A cyber risk security assessment of Fortune 100 Company executives conducted by PiiQ Media found a significant amount of exposed Personal Identifying Information (PII) including email, relationship and password information on social media platforms. This information gives attackers valuable intelligence that they can use to craft sophisticated spear phishing attacks, which account for more than 80% of reported breach incidents.

Report

Analysis

Most cyber-attacks are relatively unsophisticated and are successful because of poor cyber hygiene practices by individuals and organizations. Organizational shortcomings such as insufficient awareness levels of employees in good cyber hygiene, or weaknesses in patching cadence (which was the cause behind last week’s Ransomware breach of a German hospital that led to the death of a patient who was diverted away from the impacted hospital) are evidence of poor cyber governance.

More effectively dealing with these basic issues would result in material improvements in cyber security that would in turn lower the downside financial risks associated with breaches and generally poor technology management. This is only increasing in importance with the accelerated corporate reliance on digital technology to function and grow.

Indeed, many cyber breaches are the result of weaknesses in ‘people and process’ issues such as these, rather than the result of deficient hardware or software. Twitter’s July breach is a recent high profile example of how persistently weak internal controls and procedures leave companies open to attack. As CEOs become more personally liable for cyber breaches, these internal weaknesses will receive more attention internally, but as the linked survey indicates, there is still a long way to go.

Close

Instantly download research in our library and be the first to get access to new content

Denis Bolshakov

Log out

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website