Executive Protection: Protecting People is Paramount to Cybersecurity
Physical and digital security are more entangled, which means that knowing threats beyond the corporate perimeter is critical to protect your facilities, systems, data, and people.. As we’ve seen across the cybersecurity landscape, adversaries evolve and adjust their tactics, so security practices must adapt to keep pace – or better, outpace – those threats. Executive protection takes more than a firewall and bodyguards. It requires vigilance and advanced warning across the entire physical and cyber threat landscape.
Executive protection to address increasing executive impersonations
Cyberattacks targeting an organization’s VIPs are on the rise. According to our platform data, 60% have PII for sale on underground marketplaces; scams and fraud targeting executives are up 29% since 2021; and between 2021 and 2022, we’ve seen a 26.2% increase of executive impersonations. I don’t bring up these stats to stoke fear (why attempt to scare the people who have chosen to work in cybersecurity, am I right?). But if threat actors are finding more success targeting executives online, then it’s important to mature security strategies to protect them.
Threat tactics targeting executives range from rudimentary to sophisticated. Phishing attacks, extortion and ransomware, data leakage, and harassment and physical threats are just some of the threats that put your people – and your organization – at risk. Of course, acknowledging the importance of security is different than reprioritizing your security program with budget constraints for needed people, access, and technology. So how can you most effectively and efficiently protect your people?
We generally recommend a five-step approach to developing a cohesive executive protection security program. These steps include:
- Step 1: Map Your Protected Assets
- Step 2: Deploy automation and AI
- Step 3: Understand the role of human intelligence
- Step 4: Reduce vulnerabilities through proactive measures
- Step 5: Empower executives through education
We’ll be diving into each of these steps in our upcoming webinar, featuring executive protection experts, AJ Nash from ZeroFox and Comcast’s Jeff Daisley, former analyst for the U.S. Secret Service. Join them, along with SANS Institute’s Matt Bromiley, on January 24, 2023 at 1 pm ET as they discuss trends around online and physical threats to executives and how to keep your people safe.
AJ Nash, Vice President of Intelligence at ZeroFox
AJ Nash, Vice President of Intelligence at ZeroFox, is a cyber intelligence strategist and public speaker focused on building intelligence programs that capitalize on disparate data and information to create and deliver tactical, operational, and strategic intelligence vital to the protection of personnel, facilities, data, and information systems. He’s planned, designed, built, or consulted on the building and maturation of intelligence programs for dozens of companies and is currently focused on ZeroFox’s continuous growth as a world leader in external cybersecurity and intelligence.
AJ honed his skills across 19 years of military service and defense contracting, serving in roles focused on intelligence collection, analysis, reporting, and briefing. His work has been delivered to military and government decision-makers, including intelligence agency Senior Executives and Directors, the U.S. Secretary of State, Congress, and the White House.
Since moving into the private sector in late 2015, A.J. has spoken at conferences and events around the world and regularly contributes to online and print publications dedicated to cybersecurity and Servant Leadership. He is also regularly invited to participate in podcasts, webinars, and traditional media on those topics, as well as consult on the changing cybersecurity and cyber intelligence business landscape.
AJ holds a Bachelor of Science (B.S.) in Liberal Studies from Excelsior College and both a Graduate Certificate in Servant Leadership and Master of Arts (M.A.) in Organizational Leadership from Gonzaga University.
Jeff Daisley, Senior Security Intelligence Engineer at Comcast
Jeff is a veteran within the threat intelligence industry with over 15+ years’ experience of cyber and physical intelligence analysis support for Fortune 500 companies, government, and federal & local law enforcement. As a Senior Security Intelligence Engineer at Comcast, Jeff has specialized in external threat detection and investigations, executive protection, deep & dark web monitoring, security incident response support, and intellectual property protection. He is currently working on a team comprised of threat intelligence, threat hunting, vulnerability management, digital forensics, and threat detection engineering situated within the Comcast Cyber Security (CCS) organization.
Prior to Comcast, Jeff served as the lead analyst on-site at USSS specializing in reports and analysis relevant to the protection of the President of the United States, and subjects of interest or groups possessing threats to USSS protectees. He also conducted annual threat and vulnerability assessments for the dignitaries attending the U.N. General Assembly (UNGA) focusing on personal safety. He has conducted over 100 Fortune-500 executive threat assessments focusing on the physical and cyber security of C-level executives and their immediate family members. He has a proven record of applying advanced intelligence analytic skills to identify, assess, interpret, and report potential threats. Jeff has a bachelor’s degree from Mercyhurst University Ridge College of Intelligence Studies & Applied Sciences and attended the U.S. Naval Academy.