Executives at Elevated Risk for Cyber Threats on Social Media
Friday, February 19th, 2021
SafeGuard Cyber, the only SaaS platform dedicated to managing the full lifecycle of digital risk protection, today released findings from a survey of 600 enterprise leaders across marketing, communications, and information security roles about the cyber risk exposure to their companies' executives' social media accounts. Key findings indicate that while enterprises are investing more in executive communication programs, security remains an outstanding concern. Oversight is lacking, record-keeping is often manual, and the responsibility for risk management is unclear.
The survey sought to uncover how companies consider the security risks involved, and their organizational approach to risk management. The survey was conducted online in December 2020, among 600 senior enterprise IT and security professionals at companies with annual revenues between USD $100M to $1B+.
Key findings include:
- Fully 56% of respondents said the role of executive communications will 'increase in importance of priority' during 2021, following the tumultuous events of 2020.
- When it comes to cyber risks, 1 in 3 enterprises are most afraid of impersonation or fake accounts. A quarter of respondents are most worried about the possibility of an account takeover.
- Enterprises recognize the consequences of a cyberattack on executive leaders' social accounts. In the event of an account compromise, 70% of respondents said their company would suffer brand or reputation damage. Half of respondents predicted risk to shareholder value.
- Despite awareness of cyber risks, 43% of enterprises polled said they currently have no protective oversight of executive social media activity.
When asked which department(s) within the organization owned responsibility for executive communications, 43% reported executives operate their social media channels independently. Twenty-seven percent said ownership rests with PR/Corporate Communications; 14% said there were 'multiple owners'; 11% placed ownership with the CMO.
Responsibility for protecting executive accounts was split among the survey-takers. Twenty-nine percent said the CISO had responsibility for this; 28% said Marketing / Comms were caretakers; 20% outsourced this function to an agency; and 16 percent said 'multiple owners,' with seven percent not knowing.
"The organizational risk exposure from bad actors breaching executives' social accounts is high and getting worse every day. We were surprised to see some of the results of this survey, as they demonstrate a clear understanding of the risks, but a lack of substantive action to mitigate them," said Jim Zuffoletti, CEO and co-founder, SafeGuard Cyber. "Organizations typically have a robust infrastructure to keep hackers and other bad actors out of their company systems, but often ignore third-party communication apps and social media accounts. Executives' accounts can be manipulated by takeovers or fake accounts, leading to tremendous brand damage, a loss of proprietary information, stock manipulation, and more. This should be a wake-up call to companies that their executives' accounts have to be protected as dearly as their company networks and data."