Research by Ponemon Institute and cyber security company BlackCloak has found that hackers have been directly targeting C-suite executives and their family members with cyber attacks via their personal email addresses.
In Understanding the serious risks to executives’ personal cybersecurity and digital lives, which was released on June 5, researchers found that 42 percent of organizations said that an executive or an executive’s family member had been the direct target of a cyber attack. This targeted threat vector is also referred to as key employee/role targeting.
Cyber Security Hub research has found that more than one in four (26 percent) cyber security professionals believe that key employee/role targeting will have the biggest impact on cyber security in 2023.
The Ponemon Institute and BlackCloak institution found that executives and their families are targeted with a number of threat vectors including social engineering-, malware– and network infiltration-based attacks.
Chris Pierson, founder and CEO of BlackCloak, explained to cyber security news site Cybersecurity Dive that “cybercriminals have realized that most executives are almost completely unprotected outside of their corporate accounts and devices”, meaning that they are particularly vulnerable to these attacks.
The research also found that this issue represents a significant part of cyber security employee’s roles. On a scale from one to ten, where ten represents something intensely time-consuming, 35 percent of respondents rated the amount of time they spent on key role targeting as a nine or ten.