How resuming travel is a threat to CISOs?


CEOs around the globe walk through a thin line of risk and reward. 

A senior executive opens an email that contains a picture of his pet winning a competition. A few weeks later, the executive discovers that the photo was tainted with malware, allowing an attacker to record every keystroke on his mobile device, including every email he sent. 

The crooks took screenshots regularly and activated his camera and microphone, giving them eyes and ears into what was going on in the C-suite. The unprepared board discovers the violation from the CEO, while the information is widely disseminated before they have an opportunity to encompass the breach or deal with the fallout. 

Sales fall, class-action lawsuits ensue, and the CEO steps down.

Now rewind! Fortunately, you can!

The dire need of VIP Security

Better prevention could have helped in all of these cases, but it would not have sufficed. While it is critical to improving VIP security, it is also vital to gain more awareness into who is targeting and have a strategy to mitigate threats before they are officially detected.

What keeps CISOs and CEOs awake at night

Keeping data secure is no longer an afterthought in most organizations, whether it’s customer data, intellectual property, or the more mundane data required to run the business. Customer loyalty and trust, as well as innovation, are inextricably linked to cyber security. 

A breach can significantly harm consumer trust and damage a brand’s equity. C-suite and VIPs have traditionally viewed cyber security as a tactical issue rather than a strategic one. However, there has been a growing recognition that cyber security can pose a risk to the entire enterprise over the last decade.

Pandemic v/s cybersecurity

The COVID-19 pandemic has significantly altered the travel landscape, affecting employers’ and travel managers’ responsibilities and requirements. Among the critical changing risks in the travel landscape are:

  1. Misinformation: Because travel restrictions are constantly updated, information quickly becomes outdated.
  2. Medical risk: COVID-19 has placed a massive burden on healthcare systems.
  3. Security risk: Many locations face a higher security risk, and CISOs recognize that these factors may jeopardize VIPs’ security. CISOs comprehend that we all survive during unprecedented times when cybersecurity risks are taking their toll. Such risks broaden the horizon where VIPs are susceptible to insecure public WIFI’s, mobile telecoms services.

Prerequisite: Building Traveler Confidence

Organizations must stay informed and versatile in managing any changes declared and deploy adaptive policies and strategies to keep their enterprises and VIPs secure. As the pandemic progresses, the travel landscape will transform. The cyber risk landscape, on the other hand, is constantly changing.

Developing a cyber risk framework to bolster VIP security

VIP executive security should be privileged. To hackers, these C-suite executives are a goldmine. It is because of the sensitive data they possess. C-suites are prone to VIP treatment because of their designation, traveling, and accessibility to sensitive information. This is enticing for hackers, which makes VIPs prone to cyber threats.

Understanding the premise and motive of the attack, which is more susceptible to hacking, and why they would attack is the first step in this direction. In a nutshell, know your adversary. A cohesive framework can also assist organizations in determining which assets require the most security and which would cause the most damage if they were compromised.

What are some essential practices to strengthen VIP security?

For many years, cell phone security has been an underappreciated threat. However, there have been reportedly increased cases where this overlooked threat compromised VIP security. Their phone security is one of those things that isn’t a concern until it becomes, but when it is, it’s a significant issue.

  1. Web-based Mobile Threats – Mobile websites can download malware onto their mobile devices without permission or knowledge. Phishing is a standard method attackers use to get us to click on links to sites containing cellphone threats. Our phones’ security software can assist in detecting infected areas and phishing emails. It’s also a good idea to be extra cautious and observant. The IRS, for instance, will never send us an email requesting our tax information. (They only use the United States Postal Service.) An email directing you to the IRS website is almost always a fraud.
  2. App-based threat vectors – Hackers create malicious programs that we can download or purchase. Once installed, these mobile applications can steal our personal information or financially benefit themselves. These malicious hackers may even disguise themselves as well-known and beneficial apps available, exploiting vulnerabilities or taking advantage of specific permissions to download the negative aspect into the phone. It is critical that when an app requests these permissions, their use is substantiated.
  3. C-suite level security – irrespective of pandemic or traveling. Hackers are interested in intruding VIP security. They are not dependent on pandemics or traveling to fulfill their desires. CISO’s should start securing VIPs’ mobile devices from hacking. Just to let you know, EFANI‘s Black Seal Protection provides the best cell phone security and is designed to keep VIPs secure at all costs.  
  4. Abandon SMS-backed 2FA – instead use Multi-Factor Authentication or physical keys.
  5. Generate strong passwords – or use a password manager. Do not autosave passwords. 
  6. Network threats – Mobile devices are typically linked to at least two networks, if not more. Cellular connectivity, Wi-Fi, Bluetooth, and GPS are examples of these. Hackers can use any of these connection points to take control of a device, trick the user, or breach a company’s network. Wi-Fi spoofing, for instance, is a potential danger in which an intruder simulates access to an accessible Wi-Fi network and tricks users into integrating so that the attacker can sniff sensitive data being produced by the network. Best practices suggest turning off antennas when not in use and configuring privacy controls to prevent unwanted access to Wi-Fi.

As mobile devices continue to be targeted by hackers, it’s an opportunity to implement VIP security and mitigate potential mobile threats to an acceptably low level. Our mobile devices are vulnerable to malware, web attacks, social engineering, physical theft, and network attacks. 

Begin with security awareness training and strong security guidelines, and then progress to more technical risk-mitigation measures.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular

To Top