The findings of a survey released by Constella Intelligence reveal the habits and patterns that define how cautious organizations’ leaders are when it comes to reducing cyber vulnerability, helping the industry to better understand how social media is being used as an attack vector and how leaders are reacting to this challenge.
The results of the study, which surveyed over 100 global cybersecurity leaders from senior management to the C-suite across all major sectors, including financial services, technology, healthcare, retail, and telecommunications, revealed that 57 percent of respondents have experienced an Account TakeOver (ATO) attack in their personal lives, with email (52 percent) and LinkedIn (31 percent) and Facebook (26 percent).
Cybersecurity Leaders aren’t Paying Enough Attention to Cyber Hygiene
According to the study, 24 percent of respondents use the same password for work and personal use, and 45 percent of cybersecurity leaders put themselves at risk by connecting to public Wi-Fi without using a VPN.
Commenting on the survey report, Constella Intelligence CEO Kailash Ambwani, said “More than ever before, individuals and companies alike need to ensure that a robust and secure environment is in place,”
“Amidst the rise in cyber attacks to organizations, many of which are perpetrated through C-suite impersonations, employee cybersecurity awareness is now arguably as important as an organization’s security infrastructure. And as the professional and personal spheres become increasingly digitally intertwined, both leaders and employees must pay close attention to the role each one of us plays in collective cybersecurity hygiene.”
Cybersecurity Leaders aren’t Being as Proactive as they Should be
48 percent of cybersecurity leaders use their work computer to access social media platforms. Furthermore, 77 percent are willing to accept connection/friend requests from strangers, especially on LinkedIn (63 percent).
In the last 90 days, 74 percent of cybersecurity leaders have been the victim of a phishing or vishing attack. Someone impersonating their CEO has targeted 34 percent of respondents in a phishing or vishing attack.
More than half of the organizations polled have no strategy or procedure in place to track the digital public domain for threats to their brand or credibility.