Why C-suite leaders are prime cyber targets
Senior executives are prime targets for cybercriminals, with 72% of surveyed cybersecurity professionals in the US reporting that cyberattacks have targeted this group in the past 18 months.
This trend, highlighted in GetApp’s 2024 Executive Cybersecurity Report, underscores the growing sophistication of attacks, including the rising use of AI-generated deepfakes, which have been involved in 27% of the attacks.
Cybersecurity strategies
Despite the clear and present danger, many organizations fail to adapt their cybersecurity strategies to protect their top leaders. 37% of companies globally do not provide specialized cybersecurity training to their senior executives, leaving a critical gap in their defenses.
“Companies’ senior executives hold crucial business data, keeping them in the crosshairs of cybercriminals,” says David Jani, a senior security analyst at GetApp. “There’s a pressing need for businesses to prioritize specialized cybersecurity training for their leadership teams.”
Attack frequency
The frequency of attacks is also escalating. 69% of US companies that have previously had attacks report an increase in attacks over the past three years–above the global average of 58%. This uptick coincides with the rise in complexity of attacks. Notably, incidents involving AI-assisted deepfakes and phishing schemes have surged, with senior executives as primary targets.
Over half (54%) of US companies have experienced at least one identity fraud incident affecting a senior executive over the last 18 months, which is 13 points higher than the global average of 41%. Compared to the global average, US senior executives also witness significantly higher risks for fraudulent financial transactions.
In response to these escalating threats, businesses are encouraged to implement comprehensive cybersecurity strategies that include ongoing training and the use of advanced security tools like multi-factor authentication (MFA) and data encryption. Proactive measures, like regularly updating software, monitoring network activity, and preparing for emerging threats like deepfakes, are also vital.