Issue link:

Contents of this Issue


Page 0 of 3

SAFEGUARDING YOUR SECURITY AND PRIVACY AT WORK AND AT HOME NEWSLETTER SPRING 2018 SPRING 2018 SECURITY SMART 1 For more information on staying safe online here at BSU or at home, contact 3 Ways to Protect Your Execs from Hackers S ENIOR EXECUTIVES—and anyone who works closely with them—are favorite targets of mali- cious hackers, in part because they are likely to hold or have access to potentially valuable information. "Of course this will include the usual suspects in the C-suite, but it is no longer restricted to the boardroom," says Steve Durbin, managing director of the Informa- tion Security Forum. "Personal assistants, systems admin staff, pretty much anyone who has the ability to provide access to the determined cyber criminal on the hunt for valuable information is now in play." Here are some steps executives and their immediate coworkers—and anyone, really—can take to avoid being the entry point into a major security breach. 1 Keep a low profile online. Hackers use public information on social media sites such as LinkedIn, Instagram and Facebook to build profiles of targets they plan to attack. "Cyber attackers take time to watch, plan, practice, hone, and harden their art before going after a high-value tar- get," says Bill Thirsk, vice president of IT and CIO at Marist College. "Attackers have the luxury of stealth, time, duplic- ity, and multiple platforms for designat- ed random attacks—all of which work against normal human behavior, curios- ity, and the need for connectedness." That's why if you're an executive or work with one, you should carefully moni- tor your digital footprint, including all so- cial media accounts. Also, encrypt your smartphone and enable password locks if you use it to for work, such as checking email. If you're not sure how, ask your organization's IT department. 2 Verify all requests for corporate data or money transfers. Phishing attacks and ransomware are common ways hackers lure people into providing the information they need to steal data. Phishing tactics that specifi- cally target high-level executives, celebri- ties, and public figures are called "whal- ing attacks," and they're on the rise. "There is an increase in the sophistica- tion of whaling attacks that target the harvesting of credential information or request a wire transfer from company ac- counts," says Wayne Lee, chief cyber se- curity architect at West Monroe Partners. "These attacks historically have a high success rate." Email is one of the most common tools used in these attacks. Cyber criminals send messages asking the recipients to transfer money to what looks like a legiti- mate site or bank, or they'll contact peo- ple in the accounts payable department using a fake email from an executive that asks them to send a payment. Before sending information or money in response to an email request, always double-check that the request is legiti- mate. Contact the sender, not via email but in person or on the phone, and also get confirmation from another executive. 3 Use extra caution when traveling. Business travel, especially overseas, ex- acerbates security threats. Ask your IT department about security guidelines for any electronic devices and media you'll be taking with you, Lee says, as well as quarantine and inspection polices for those devices when you get home. If you need to access data remotely, do so over a secure channel, such as a secure remote desktop or virtual private network (VPN), or store it on a hardware- encrypted USB drive where encryption cannot be disabled. And remember that Wi-Fi networks are risky, whether they're in hotels, restau- rants, airports or conferences facilities.

Articles in this issue

Links on this page

Archives of this issue

view archives of BSU - Security_Smart_Spring2018_BSU