With rising cybersecurity threats, it is no longer just about becoming aware of IT breaches and protecting intellectual property. The rise of global security threats has expanded to the targeting of high-level executives—those with access to critical company financials and who serve as the face of the company. This means you must deploy a personal cyber-threat management plan. Remember that your executive brand is ‘company equity,’ and this type of incident can cause your employer to lose customer trust, a competitive edge, and even stock value.
According to align.com, 7 out of 10 businesses are unprepared to deal with cyber attacks; the average cost of data breach in 2018 was $3.86 million, and 91% of cyber attacks begin with phishing emails.
Chiefexecutive.net shares that there is still a huge misperception that cyber risk is an issue for large companies.
ARE YOU CONFIDENT THAT YOU HAVE TAKEN EVERY STEP TO ENSURE YOUR DIGITAL FOOTPRINT AND BRAND IS ‘TEFLON-PROOF?’
Today’s leader is ‘plugged-in’; thus, more vulnerable to hackers. This means that your personal information, photos, and contacts can be accessed by those with malicious intent. While your executive brand is on the line, you are also a portal to critical company information, and this data will be leveraged to exploit your company’s tech vulnerability, expose sensitive financial information, and harness customer data.
“WHILE THE MAJORITY OF MEDIA REPORTING ON CYBERATTACKS IS FOCUSED ON DATA BREACHES, THE CONSEQUENCES FOR REVENUE, OPERATIONS AND OTHER FUNCTIONS ARE VERY REAL.” [Chief executive.net]
CEOs and Board members aren’t the only executives who must worry about becoming a target for hackers—leaders in Finance, HR, and IT are also among the most high-profile targets for security breaches. Protecting your executive brand isn’t only a personal must but an obligation to your company. It is also a smart career management strategy.
IMPLEMENT THE FOLLOWING 10 CYBER SECURITY PRACTICES TO PROTECT YOUR EXECUTIVE BRAND
- Have minimal personal information online. Expand your footprint but be selective as to what information you share online. For example, do not share your location or ‘check in’ to a location on Facebook with your mobile phone.
- Centralizing isn’t always good. Diversify the portal of entry for these malicious attackers. A personal phone and a separate business cell phone is a good example of how you can diversify gateways to your information.
- Update frequently. Routinely update your computer’s security software, change passwords, and security verification questions to sites you often visit.
- Keep personal and business separate. E.g., No personal emails from your work computer.
- Use Google’s Security Checkup. Google offers a way for you to check any vulnerabilities in your account’s security. Take advantage and conduct routine audits.
- Doublecheck hyperlinks. Before you click on any link that isn’t familiar, hover your cursor over it and see if you can read the entire URL. This will help you avoid email scams.
- Lock or encrypt important files. Should you misplace your phone or perhaps you were misfortunate, and someone hacked your computer, make it nearly impossible for them to crack confidential files.
- Use external hard drives to back up your information. Don’t keep all sensitive files on your laptop or mobile. Make it a routine to backup your digital data externally.
- Have a crisis management strategy ready. What are the steps you would take next in the event of a personal brand breach? If your social media, mobile, or emails were hacked, what would you do next? Consult with a security expert or a career management coach to ensure that you are proactive to any threats.
- Expand digital security practices to supporting staff. Those close to you also need to follow a tight risk mitigation program. The consensus among top technology blogs is that software whitelist for all employees should be updated every year.
Invest time to become aware of the different security threats based on devices (smartphones, tablets, and other IoT devices), and resilient to cyber-risk.
It is not a matter of if you will be vulnerable to an attack, but when.