Self cyber-defense and security for c-level executives on the move

Last updated: 24 October 2014

International travel and jam-packed schedules have always been the norm for C-level executives, but mobile devices, Wi-Fi and an increasingly data-led economy have made them more exposed to cyber-attacks than ever before. They are arguably a business’ most valuable and vulnerable asset. My colleague Alexandre Bordier elaborated on this in a post earlier this year.

Given you can’t be with them at all times, we’ve compiled the following top five tips so you can encourage them to defend themselves when they’re out and about:

  1. Pick a prolific and highly- personal password that involves information that you, and only you, would know. Recent research shows that generic phrases such as “Password1”, “password” and “Hello 123” are still the most commonly used. Just as many opt for the obvious, like their pet’s name, significant dates (such as wedding anniversaries or birth dates) and family members. Think about how often you talk socially about these things, tweet or share them on Facebook…and you’ll understand why they’re so easy for the data thieves to crack. You’re far more likely to remain safe if you pick a totally random word out of the dictionary. Alternatively, Mister Acacia has written a very detailed guide on how to create a good strong password here.
  1. Don’t take devices or documents out drinking after that long business meeting or conference; if you do, ensure that your IT team encrypts them. Over 15,000 mobile phones, 506 tablets and 528 laptops were lost on the London Underground alone last year. Lost devices lacking basic security measures such as encryption can result in hefty fines from the Information Commissioner’s Office. And you definitely don’t want to end up like that young Apple Software Engineer who left an iPhone prototype in a bar in California whilst out drinking for his birthday, leaving valuable secrets which were leaked all over the media.
  1. Be wary of open Wi-Fi networks in hotels, conference centers, airport lounges and anything similar. As ethical hacker Jesus Molina illustrates by hacking the St. Regis ShedZhen luxury hotel here, most hotels have terrible security – leaving their digital doors, and the devices of their residents, open to attacks from hackers all around the world.
  1. Seek privacy for those confidential conversations or when you’re reviewing a forecast document as you never know who is listening, or looking, over your shoulder. It took just a handful of days of focused listening for Ken Hess of ZDNet to overhear one man’s social security number, credit card number and security number on the back of the same credit card in one conversation…over the phone, in a book store. Just because you’re not paying attention to anyone else, doesn’t mean someone isn’t paying attention to you!
  1. Take time to train on tech security. Ignore the temptation to delete that calendar invite from the IT team because you’re “too busy”. With the average American company alone suffering over 16,000 cyber-attacks in 2013, the safeguarding of your business’ data is one of your most important responsibilities, even though it probably isn’t in your job description. Security techniques and solutions are constantly changing to keep up with the increasing number of attacks, so it’s essential you keep up.

 Let us know if you’ve got any practical tips to add to the list in the comments.