The senior or C-level executive protection forms a key component of an organization’s overall risk management strategy. Executive protection has developed as a mature professional service; however, at present its scope is limited to physical protection. Web revolution has transformed the way an organization works, giving rise to a wide range of cyber threats. Hence, the current myopic vision of the executive protection plan needs to evolve to include protection from cyber threats.
Defense against cyber espionage
The senior or C-level executives of organizations operating in critical sectors like energy, nano-computing, semi conductor, oil and gas, next generation mobile technology, banking, and defense are easy targets of cyber espionage, as their log-in credentials provide immediate access to critical data. As a senior executive, you should be extra vigilant while travelling to adversary countries (engaging in cyber espionage to benefit their nation), which may wire your hotel room or bribe the cab or hotel room service provider to get access to any information possible. The WiFi network of a hotel can also be compromised to get access to your internet session. Thus, an executive protection
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to searchSecurity.in you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of searchSecurity.in is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
plan must include defense against cyber espionage activities. Senior executives must
be extra cautious while travelling to countries like China, Russia, Brazil, Iran and Middle-East,
which are considered high risk areas.
Cyber security – a vital element
Every organization has an information security policy to ensure that the information technology infrastructure is updated with the latest antivirus, firewalls and other critical security controls. However, the security policy might not cover executive protection. Therefore, the organization must develop an exclusive executive protection plan to protect senior executives from cyber threats. Huge multinational companies with several chief executive officers, vice presidents, and directors, especially require executive protection plans, imbibing cyber security. However, designing an exclusive executive protection plan for cyber security requirements may not be feasible for the IT department due to constraints in budget and manpower. An organization could thus resort to specialized service providers (though rare) that offer cyber security for executive protection.
To start with, an organization could implement the following measures as part of its executive protection plan:
- Don’t allow senior executives to carry work laptops when they are travelling.
- Provide a second laptop to the executive that never connects to the home-office network (company network). This laptop should preferably carry as less work files and applications as possible.
- Avoid carrying highly vulnerable and targeted applications on such laptops, such as Adobe Acrobat Reader, which is being targeted by several blackhat hackers. Instead, use an alternative PDF reader.
- The executive should try and avoid keeping crucial information on the travel laptop. Important files, presentations, and critical information should be stored on flash drives, which should be carried at all times by the executive. Using encrypted flash drives which offer high security would be even better.
- Conduct a forensic analysis of the travel laptop once the executive is back.
Given the range of risks involved, a chief information security officer managing an executive protection plan must know that protecting an individual is different from securing a facility. A proper risk assessment exercise would help create a profound executive protection plan, involving cyber security.
About the author: Jeffrey Carr, Principal, GreyLogic is a cyber intelligence expert, columnist for Forbes Firewall blog, and cyber warfare author who specializes in the investigation of cyber attacks against governments and infrastructures by state and non-state hackers. Carr regularly consults with agencies of the United States and allied governments on Russian and Chinese cyber warfare strategy and tactics as well as new and emerging threats to critical infrastructure. He has authored a book called ‘Inside Cyber Warfare’ and has spoken on the issue of cyber warfare at various events.
(As told to Dhwani Pandya.)
This was first published in December 2010