How CISOs can make execs more security-aware

Most CISOs know by now that cyber attacks on the executive suite are increasing.  Just this week a prankster duped British Home Secretary Amber Rudd (or her office) into replying to an email that looked like it came from the prime minister’s communications chief.

Fortunately it was a hoax from someone who has tricked a range of high profile people including Donald Trump Jr. into revealing their private email addresses. It could have been worse. Last month, for example, at least one of six execs at a Canadian company were tricked into opening an email attachment led to the firm having to pay a record $450,000 to recover from a ransomware attack.

So what can an infosec pro do to make executives more security aware? A writer at CSO Online has five suggestions:

1–Conduct a full risk analysis of the executive suite;

2–Make a strong case for the need for protection. How? Show execs what’s already online about their lives through a Google search. (Yes, people know you have a vacation property in the south thanks to your kids’ tweets. Now they can track when you’re out of town )

3–Ensure their business and personal devices are secure, as well as those of their families (Remember the kids’ tweets?….). this means setting a security policy for executives — forcing the use of encryption, for example — and making sure it sticks ;

4–Educate execs about spear phishing;

5–Create and enforce rules on executive travel, such as insisting on the use of a scrubbed laptop when going to certain countries and forbidding the use of WiFi.

In an interview for another story Robert Masse, a partner with Deloitte Canada’s cyber risk services told me that ”many strong security leaders are not strong technical people but they are evangelists who can bring together and convey the vision and be an agent of change to the organization.”

At a time when senior management are in the cross-hairs of threat actors that’s the kind of infosec pro many organizations need.

Read the full article here

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now