This post has been modified to reflect new information since its original publication.
Malicious actors are leveraging the enormous pool of personal information online to identify and customize attacks against lucrative marks like C-suite executives. At the same time, consumers hold executives to higher standards than ever before. In this environment, it’s vital for executives to understand online privacy and the risks it poses to them, their families, and their businesses.
Here are some statistics that reveal the threat landscape executives (and their companies) face due to exposed personal data online, as well as some insights on the best ways to mitigate these risks.
Physical threats to executives are increasing
The growth of personal data on the internet has made it easier than ever before for bad actors to locate and physically confront members of the C-suite, and statistics show that these threats are only increasing.
- 84% of Fortune 500 CEOs received threats during a single month. (ProofPoint)
- 71% of CSOs reported a significant increase in physical threats. (Ontic Center for Protective Intelligence)
- 69% of security and compliance executives have seen a dramatic, year-over-year increase in physical threats against their companies. (Ontic Center for Protective Intelligence)
Cybercriminals are targeting the C-suite
Detailed, personal information is the key to crafting successful spear-phishing campaigns, and these types of attacks are on the rise, according to recent statistics.
- Compared to previous years, C-suite executives are 12 times more likely to be the target of a social engineering incident. They are also 9 times more likely to be the target of a data breach involving social engineering. (Verizon)
- 88% of organizations worldwide experienced spear-phishing attempts. (Proofpoint)
- Nearly 40% of IT leaders think their CEO is the weakest link in their organization’s cybersecurity operation. (Mimecast)
- 66% of organizations saw targeted phishing attempts. (Proofpoint)
- 56% of IT executives say their companies’ top security threat is targeted phishing attacks. (PurpleSec)
More executives are working from home
Statistics show that working from home leads to unsafe behaviors that magnify the risk of a cyberattack, and this risk grows when coupled with exposed online personal information.
- 48% of Americans received targeted phishing emails, texts, or phone calls, during their first six months of working from home. (SailPoint)
- 32% of remote workers say they’ve used a personal device to access their company’s main network and servers. (HP Wolf Security).
- 23% of Americans working remotely have shared their passwords with a friend or family member. (SailPoint)
- 69% of remote workers admit to using personal devices for work tasks. (HP Wolf Security).
Consumer privacy expectations
Data breaches are a main source of exposed consumer information, and statistics show that breaches are becoming increasingly costly, in terms of money and reputation for businesses and executives alike.
- 75% of CEOs could be liable for data breaches if the incidents were the direct result of a lack of focus on (or investment in) cybersecurity. (Gartner)
- 66% of consumers will “cancel” a company—even if they love its products or services—if that company does something they consider wrong or offensive. (Porter Novelli)
- The global average cost of a data breach is USD 4.88 million. (IBM).
- The number of US data breaches reached 3,205 in 2023. (Statista).
Financial executives are especially at risk
Cybercriminals target financial companies because these firms store large amounts of valuable, personally identifiable data, and statistics show that the threats to these institutions are growing:
- 79% of financial institutions said cybercriminals have become more sophisticated, leveraging highly targeted social engineering attacks. (PurpleSec)
- Financial services firms are 300 times more likely than other companies to be targeted by a cyber attack. (Boston Consulting Group)
- Banks have seen a 238% increase in cyberattacks since 2020. (Modern Bank Heists)
- 80% of financial companies experience business email compromise (BEC) fraud. (AFP)
How to reduce executives’ risks
The best way to minimize executives’ risk of cyber or physical attacks is to make it harder for bad actors to find any personal details about these individuals in the first place. However, actually accomplishing this involves significant time and effort.
If you’d like help with this process, please give us a call.
You can learn more about the privacy issues facing executives in these articles:
- Why online privacy is vital to executive protection
- Your roadmap to combating the latest online privacy threats facing executives
- You can’t protect executives from social engineering if your security plan ignores this one thing
- Real-world examples of executives being targeted due to online personal information