THE HERO of THE STORY:
The CISO
- CISO of Healthcare Company
- Corporate Protections in Place: VPN, MDM/BYOD, Network Security
- Recently started building executive protection program for personal cybersecurity and privacy
The Problem
Identity Theft of Everyone on Executive Team
- Small business loans being taken out in their name.
- Executive, security, and legal teams distracted from strategic focus and normal operations to remediate the situation.
- CISO and Corporate General Counsel had to get involved to sort it out.
- Entire Executive Team hit with unemployment fraud.
It wasn’t just the executives at risk, it was the entire company.
BlackCloak’s Guidance
We recommended a three-tier approach to help mitigate risk and create a lasting culture of cybersecurity within the company.
Address current fraud situations and re-assure executive team
How:
- Do so quickly while taking the executives offline or away from work as little as possible
- Collaborate with CISO and General Counsel to provide updates on remediation
Prevent unemployment fraud or identity theft from happening again
How:
- Remove personal information from data broker websites
- Provide execs with intel on exposed passwords and walk-through addressing the resulting vulnerabilities
- Harden the privacy settings of personal devices so they leak less data
Get executive buy-in for new executive protection program for personal cybersecurity and privacy
How:
- Show value in terms of business risk
- Provide education on current state of cybersecurity
- Position BlackCloak platform as a simple, effective solution
Putting the Plan into Action
The CISO was already proactively working on a program before the incident, and accelerated negotiations for an agreement with BlackCloak for Executive Coverage for 14 members of the senior leadership team. With BlackCloak as their guide, the CISO rolled out protection for their digital lives and work.
Executives provided a small amount of information so BlackCloak could:
- Remove personal information from Internet Data Brokers to reduce possibility of future unemployment fraud or identity theft
- Scan the dark web and give them their exposed passwords so they can change them, stop their use, and limit future data loss
- Provide identity theft protection and monitoring services
Executives leveraged BlackCloak’s concierge team for personal guidance on preventing invasions of privacy or identity theft:
- With just a couple clicks, executives downloaded and used the BlackCloak application to monitor their personal devices for malware or other security weaknesses
- They used the application dashboard to get a single view of their overall security posture including their home networks and information privacy
