Breaking Down BlackCloak Part 2 — We Help Protect Executives' Personal Devices
In the previous article, we wrote about today’s most complex privacy risks, and the many ways in which BlackCloak helps protect the personal privacy of the C-Suite, Board Members and senior executives.
Next in our four part series on digital executive protection, we discuss how BlackCloak helps protect personal devices outside of corporate control, such as smartphones, tablets, laptops, and computers, from cyberattack.
The pandemic’s impact on personal device security
While corporate investment in device security has steadily increased over the past decade, the COVID-19 pandemic accelerated adoption. CISOs needed to quickly lockdown devices without sacrificing worker productivity or efficiency. As such, the endpoint security market is expected to surpass $24 billion in annual revenue by 2024.
Device security, under the purview of security teams, is remarkably effective at preventing attacks from compromising private networks, files, and other machines. There’s just one problem: endpoint and device security cannot extend to personal devices.
Lateral movement from the personal to professional on the rise
Cybercriminals are now regularly targeting executives and high-profile individuals in their personal lives to bypass corporate controls and move laterally into the organization. This started to occur before the pandemic normalized remote and hybrid work, and will continue even if there is a shift back to office work in the future.
According to the cybersecurity company Sophos, “people are more likely to use work devices for purposes beyond just their intended ones – reflecting the likelihood that consumers will use any device that’s convenient or available to them for online activity, and not necessarily restrict themselves to using specific devices for specific purposes.”
For some senior leaders, the line between personal and professional devices has become entirely obsolete.
Your devices are more vulnerable than you know
Conducting work on a non-corporate device is not as innocent as it may seem. That’s because personal, family and household devices are often ridden with vulnerabilities.
According to a ZDNET article recapping a CyRC study, “over 60% of Android apps contain security vulnerabilities, with the average number of bugs per-app totaling a whopping 39 vulnerabilities.”
Additionally, at least 38% of iOS apps have vulnerabilities, according to research by Positive Technologies. Yet the majority of consumers still believe that iOS apps and devices are immune to threats and vulnerabilities.
Why enterprise security and consumer tools can’t solve the problem
It shouldn’t come as a surprise to learn that security teams can’t extend (BYOD) or mobile device management (MDM) onto personal devices. They can’t put an agent on an executive’s child’s smartphone. And locking down that family iPad – nobody in the household would approve of that.
But even if extending device security was possible, there’s no way for CISOs to configure, train and enforce policies. No security team can mandate that an executive’s spouse complete a one-minute phishing awareness training simulation. They also cannot expect a teenager to download the latest operating system as soon as it’s available.
Not to mention, CISOs don’t really want the burden of having to protect executives’ personal devices. They have more than enough work to protect the business on a daily basis.
Further, there are a variety of highly-commoditized cybersecurity tools, technologies and solutions, such as VPNs, firewalls and antivirus, that can help reduce some risk to devices. But such solutions are not built to prevent, detect and respond to the various types of sophisticated and specific threats targeting senior leaders.
How we help protect your personal devices from cyber attacks
Using a mix of proprietary technology and the same tools that security experts at Fortune 500s deploy, we monitor, detect, prevent, and block threats to your devices that can occur when someone accidentally clicks on a malicious link or opens malware from a phishing scam. Our US-based security operations team works diligently to remove any known and quantifiable threats that are detected and before damage can occur.
During our onboarding sessions, our concierge team helps clients:
- Configure multi-factor authentication
- Limit or disable location tracking services
- Install and configure secure web browser
- Enable lock screen controls
Each day, we monitor all devices to ensure that:
- Firmware and operating systems are updated
- No devices are jailbroken
- Vulnerabilities are quickly patched
- Known and novel threats are discovered and reported to the SOC for analysis in real-time
When necessary, our team immediately begins incident response to minimize the impact of an ongoing attack.
We also deploy proprietary deception technolog to lure attackers into interacting with a simulated home network. Cybercriminals become enticed by the potential data that appears within their reach and attempt to compromise it. Once the attack is detected, our SOC investigates and intervenes before damage is done.
Watch this video to learn more about how our Concierge Cybersecurity and Privacy Platform helps reduce risks to personal devices. Stay tuned for our third article in this four part series, which will detail how we protect homes from cyberattack.