A new report by Constella Intelligence has found that many information security leaders are guilty of carrying out poor cybersecurity practices and engaging in risky behaviour online.
Polling over 100 global IT leaders across various industries, the Cyber Risk in Today’s Hyperconnected World report revealed that poor security practices are widespread:
45% of respondents said they connect to public Wi-Fi without the use of a VPN.
Public Wi-Fi is considered so dangerous, the FBI has regularly warned against using it. A 2018 study from iPass revealed that 81% of global security leaders had recorded staff Wi-Fi-related security incidents in the previous year. And with the considerable increase in cybercrime throughout the pandemic, the dangers are greater than ever before.
48% said they use their work devices to log in to social networking sites, and 77% accept friend requests from people they don’t know (predominantly on LinkedIn).
Over 10,000 British citizens have been contacted by foreign spies on LinkedIn over the past 5 years, according to MI5.
Using fake accounts, they often pose as recruiters or talent agents who reach out with enticing opportunities, while gathering as much information as possible from their target.
In a recent awareness campaign, the Centre for the Protection of National Infrastructure said:
“The consequences of engaging with these profiles can damage individual careers, as well as the interests of your organization, and the interests of UK national security and prosperity.”
Over half (57%) have suffered an account takeover (ATO) attack in their personal lives — 52% via email, 31% via LinkedIn, and 26% through Facebook.
Securing your accounts using two-factor authentication is one of the best and simplest ways to secure your accounts and mitigate the risks of an ATO attack. Alternatively, Web Application Firewalls can be used to identify and block account takeover attacks by identifying signs of brute force attacks, and bad bot activities.
Amidst the rise in cyber-attacks on organizations, many of which are perpetrated through C-suite impersonations, employee cybersecurity awareness is now arguably as important as an organization’s security infrastructure,” said Constella Intelligence CEO Kailash Ambwani.
“As the professional and personal spheres become increasingly digitally intertwined, both leaders and employees must pay close attention to the role each one of us plays in collective cybersecurity hygiene.”