Top 5 ways business executives can stay safe online

To keep companies safe, senior executives must protect their personal accounts, too. The New York Times reported that a group tied to Russian intelligence had hacked the emails of senior-level Microsoft executives. In a CNBC follow-up article about the incident, the outlet noted that a government review board had described the hack as ‘preventable’ and that Microsoft had subsequently decided to link executive pay to “successful cybersecurity performance.”

There has never been a better time for business leaders to take control of their online security, enabling organizations to achieve cybersecurity for executives. Here are the top five ways that senior executives can protect themselves online:

Executives must understand current cyber threats to make informed decisions about their organization’s cybersecurity. Cyber threats can manifest in various forms, including phishing, ransomware, and other types of malware, each capable of compromising an organization’s assets and data, potentially leading to costly damage to its reputation and finances.

One of the easiest ways hackers access accounts is through weak, easily guessable, or reused passwords. A trusted password manager can generate strong, unique passwords for all your accounts and store them securely. This removes the need to remember dozens of different passwords and makes it much more difficult for hackers to gain access. Plus, as long as every password is unique, should one be compromised, the rest of your accounts will remain secure. 

Enabling two-factor authentication creates an extra layer of security for accounts by requiring a second form of verification, such as a fingerprint or a code sent to your phone, in addition to your password. This makes it harder for hackers to access accounts, even if they manage to figure out your password. Avoid using SMS text messages as the second factor for the most secure authentication. This method of 2FA is prone to SIM attacks, where a hacker ports your phone number to a new SIM card.

Bitwarden offers several multifactor authentication methods to add to your Bitwarden vault via FIDO2 WebAuthn credentials, authenticator app, and email.

Phishing scams typically involve an email or text message that appears to be from a legitimate source, such as a bank or a government agency but is actually from a hacker. The message will usually contain a malicious attachment or link that, when clicked, will lead to a fake website that looks real and will ask for personal information such as login credentials. Be cautious of any suspicious email or message, and never click on any links in an email or message unless you are certain of their authenticity. A good password manager will help identify these sites by not automatically filling in your passwords if it doesn’t recognize the URL—providing an early indicator that something is suspicious.

Ensure operating systems and installed software are kept up to date, since updates often include security patches for known vulnerabilities. Employ any built-in security mechanisms to devices, such as biometric unlock, and add extra protection or encryption where possible. Additionally, fostering a culture of cyber awareness within your organization is crucial to understanding and mitigating the implications of cybersecurity threats.

Senior executives are likely to be known figures in some ways, meaning their online presence is visible to malicious actors keen to disrupt cybersecurity for executives. Executives must be mindful of what they post online and ensure the information is not sensitive or potentially damaging. Use privacy settings to limit the information available to the public, and be cautious of which social media apps are used. Hackers can use this information to answer security questions (i.e., what is your mother’s maiden name?) to get around two-factor authentication or password reset requests.

By taking these steps, senior executives can significantly reduce the risk of compromised accounts. However, it's worth noting that systems are only as strong as those using them, and executives should always be vigilant and aware of any suspicious activity. Regularly review security settings, have an incident response plan in place, and educate your team to be aware of the common scams and phishing attempts.

In summary, keeping your online accounts safe requires a multi-layered approach. By using a password manager, enabling two-factor authentication, being wary of phishing scams, keeping your devices secure, and being mindful of your online presence, you can significantly reduce the risk of compromised accounts. Remember, security is always an ongoing process, and it's essential to stay updated and vigilant.

It only takes 1 email, a 30-second call, or 1 social media DM for her to hack VIPs and gain access to your money, data, and systems.

Rachel Tobac, hacker and CEO of SocialProof Security, executes social engineering attacks like these for a living and uses her ethical, real-life hacking stories to keep VIPs and business executives up to date on the methods criminals use. In the Hacker's guide to securing your organization ebook, Rachel breaks down how remote work has changed the hacker playbook, recent cyber attacks in the news, and how to defend against the latest executive-based manipulation tactics. Her stories from the field and live hacking demonstrations throughout the webcast will keep you and your team "politely paranoid" to catch the next human hacker in the act. Effective cyber risk management is essential for businesses to protect against these evolving threats and prioritize cybersecurity for executives.

Ready to try out a password manager for business? Register today for a free Bitwarden account, or start a 7-day free trial of our business plans to protect your team and company colleagues online.