Fox-IT’s Chief Research Officer Erik de Jong confirms that CEOs and other executives in powerful positions should be extra careful handling classified information. In an interview with RTL Z he explains that executives are interesting targets for cyber criminals, both in business and in their private lives.
The extortion case of Amazon’s CEO Jeff Bezos shows that even the CEO of one of the wealthiest companies in the world is vulnerable to hackers. The American tabloid National Enquirer published text messages that were sent from Bezos’ personal cell phone. Subsequently, the media company threatened to spread more of Bezos’ personal communications in an attempt to stop an investigation by Bezos. Bezos’ security consultant claims that Saudi Arabia had access to the CEO’s personal phone.
The Bezos case may seem highly specific, but it does teach us important lessons about cyber security. “Every large corporation should map the risks for its CEO,” emphasizes Fox-IT’s Chief Research Officer Erik de Jong. “The position and background of the CEO determines what concrete cases an organization could be confronted with, and therefore the extent of cyber security risks. We should not distinguish between business and private affairs, because neither do the attackers. What’s more, the position of a CEO is always subject to change. For example, when a company is taken over by another company will that change the CEO’s risk profile? We have bi-annual meetings with our client’s executives to discuss relevant threats in order to maintain a high level of cyber security awareness.”
Fox-IT: “Every large corporation should regularly map the cyber security risks for its CEO.”
Bezos chose to be open about the attack by publishing the National Enquirer’s extortion practices in a blog. Erik de Jong: “Bezos did the right thing. It’s the best response he could have given. He simply refused to be extorted.”
Read the full article (in Dutch) here