ARTICLES

Protecting Corporations from Executives’ Private Lives

One aspect of changing careers from a sales role to an analyst role that I really enjoy is the exposure to new perspectives. Selling a product requires great depth of knowledge, but the breadth is relatively limited and often encompasses only the market into which the product is being sold. In contrast, as an analyst I get to enjoy a wide breadth of knowledge which allows me to be exposed to ideas I had not previously considered (hopefully the depth comes over time).

It has been my experience that the overwhelming majority of cyber security solutions on the market focus on protecting the corporate environment. This of course makes sense as CISOs and their teams have domain over the corporate environment and can enact changes and enforce controls in an effort to prevent security events. Cyber security is a fast paced world where new vulnerabilities are constantly being discovered and implementing solutions to plug these holes is rightfully the primary focus of security teams. However, the risk of a breach does not stop once you leave the four walls of the corporate domain.

There have been a few instances of me saying, “Huh. I hadn’t thought of that,” since I started analyst work, and the most recent instance was when we sat down for a briefing with Dr. Chris Pierson and Christine Schaefer of BlackCloak. The idea that was presented was in the form of a question, “what happens once executives leave the office and go home?” Once I thought about it, it became obvious that the security risk executives face at home on their personal devices is just as important as the security risk they face in the office.

Personal Device Protection

While security teams are focused on preventing security incidents in the corporate environment, attackers are always searching for the lowest hanging fruit to gain footholds, and one of the lowest hanging fruits is probably found at the home of executives. Executives and their families pose a risk to corporations while outside the domain of the CISO—password reuse, unprotected devices on the home network, and relatively open home networks are all easy targets for attackers. Social engineering also continues to be one of the most effective way for attackers to gain a foothold and any compromise of a personal account of an executive or their family would open an avenue for attackers. All it would take is compromising an internet connected device in the home to gain access to the network which can be a launching point to infect corporate devices or intercept corporate communications.

BlackCloak offers concierge cyber security solution for corporate executives by focusing on four main areas – privacy, home protection, device protection, and peace of mind. Their solution includes scanning for exposed credentials on the deep and dark web, removing all personal or private information found on data broker websites, and providing device hardening for IoT devices and smart home systems. BlackCloak provides these features in a platform with 24/7 monitoring, protection, and remediation through concierge support. Companies purchasing on behalf of their executives receive semi-annual reporting on the state of cyber security across the team without any disclosure of personal information, thereby protecting the executive’s privacy even from the company itself.

Keep Protection, Remove Liability

Some large enterprises may already have an internal executive operations team that is focused on providing security services to executives and their families, but there is a fine line to walk with respect to privacy. Enterprises do not want the risk and privacy liability that comes with having access to private personal information of executives and their families, and the boundary for monitoring is often not clearly defined making it hard to provide comprehensive protection. BlackCloak alleviates this issue by taking over the responsibility of managing the risk of protecting private personal information while meeting corporate SLAs and keeping personal information private from the corporation.

BlackCloak addresses an area of cyber security that is easy to overlook. By providing a platform with concierge service, BlackCloak is an attractive choice for large enterprises that want an alternative to their executive operations teams or for corporations that do not currently have executive operations teams in their cyber security programs. In such a highly connected world protecting the home of executives should be just as important to CISOs as protecting the corporate environment.