Senior company leaders are cyber criminals’ latest targets, finds a new report.
A full 65% of Canadian senior executives have been the target of at least one cyberattack in the last 18 months, according to the report by business software recommendation engine GetApp.
And the news goes from bad to worse: 43% of Canadian executives don’t get extra cybersecurity training, despite their elevated risk. Plus, 30% don’t believe they need training in the first place.
“Senior company managers control large amounts of data and have privileged access to some of the most sensitive files, making them a major target for bad actors,” the report reads. “Despite the urgency, executives may sidestep cybersecurity training due to time pressures, putting corporate identity theft protections on the back foot.”
This trend in senior executive cyberattacks is rising. More than half (56%) of Canadian senior execs say they’ve seen a higher rate of cyberattacks against senior-level staff in the last three years.
That’s a shift from the ‘rank and file’ employees that more commonly expose a company to cyber threats.
The top methods of attack against senior execs are malware (50%) and phishing (47%), followed by ransomware (36%), password attacks (32%) and domain name system spoofing (28%).
But artificial intelligence (AI) or assisted deepfakes, biometric security breaches, and ID fraud are also risks, GetApp says.
In Canada, however, deepfake attacks are less prevalent (14%) compared to the rest of the globe (21%).
“Despite fewer deepfake attacks in Canada than elsewhere, companies should remain vigilant as they are likely to grow amid the rising popularity of AI tools,” the report reads.
“Furthermore, many more common and familiar errors made by executives are putting companies at risk today, which should ideally be the priority when addressing vulnerabilities.”
Unfortunately, it’s not always sophisticated attacks that catch leaders off-guard. One of the biggest cybersecurity errors made by Canadian senior executives is downloading files from untrusted sources.
And Canadian senior staff are more likely (45%) to make this mistake than the rest of the globe (42%).
These simple attacks might be slipping through the cracks more easily because senior execs in Canada aren’t receiving additional security training.
Resistance from senior leaders due to time constraints (34%) and lack of time and resources across the company (33%) are the two main reasons. Plus, 30% of senior leaders believe their cyber security knowledge is good enough to skip training.
“The data clearly shows that Canada lags behind in some forms of cybersecurity preparedness,” the report reads. “Senior staff of local businesses in the country are an easy target for cyberattackers due to the lack of seriousness given to special executive cybersecurity training compared to global peers.”
Feature image by iStock.com/D-Keine