The digital world is more interconnected than ever, bringing convenience and speed to what used to be manual tasks, but also an ever-increasing collection of new dangers. For business leaders, this reality translates into an expanding threat landscape where the lines between personal and professional, and digital and physical, are increasingly blurred.

We sat down with Matt Covington, BlackCloak’s VP of Product, to unpack the latest findings from the BlackCloak and Ponemon Institute 2025 Digital Executive Protection Report and explore what its findings mean for executive security today.

Q: What does the Ponemon Report tell us about the current state of cyber threats to business executives, particularly regarding deepfakes?

The 2025 Digital Executive Protection Report, informed by findings from the Ponemon Institute, paints a stark picture of a rapidly evolving threat landscape. The report reveals a notable increase in attacks targeting business leaders, with survey respondents reporting a rise from 43% in 2023 to 51% in 2025. This acceleration is largely driven by executives’ expansive digital footprints, combined with largely unmonitored, insecure home networks and personal devices (that are often used for work purposes), as well as a lack of security training and preparedness among companies to prevent such attacks. The report highlights that, specifically, deepfake impersonation attacks targeting executives have climbed from 34% of respondents reporting an incident in 2023 to 41% in 2025.

As the barrier to entry for creating sophisticated and convincing deepfakes continues to drop, we expect to see more attackers exploiting AI to power their social engineering attacks. With every new advance, generative AI becomes faster, cheaper and easier to use. As a result, attackers and defenders are caught in a relentless “cat-and-mouse game,” where both sides employ increasingly sophisticated technologies, placing the onus squarely on defenders to keep pace. The report also points to visibility challenges that make detecting a specific attack tactic, such as deepfakes, challenging. Half of respondents said their team did not have the insight required to prevent a breach, so it’s not surprising that the majority of respondents said that detecting a deepfake attack was difficult.

Q: How do these report findings align with what BlackCloak sees on the front lines with customers and prospects?

The Ponemon Report findings align with BlackCloak’s daily observations on the front lines, highlighting a sharp reality: the threat landscape is rapidly shifting, placing high-profile, high-value executives squarely in the crosshairs for both cyber and physical attacks. We are witnessing an acceleration of sophisticated tactics, such as deepfakes and impersonation scams, that directly target these leaders in their personal digital lives. Attackers recognize that executives’ personal devices and home networks often represent the path of least resistance through which they can penetrate corporate defenses. Compromising an executive can lead to severe financial losses, reputational damage, and disruption to their personal lives, all of which have direct and devastating consequences for organizations.

Securing the company network is no longer enough; protecting the individuals who lead the business—and their families—has become an essential component of enterprise risk management, moving Digital Executive Protection from a “nice-to-have” to a non-negotiable security imperative.

Q: Beyond detection, how does BlackCloak help victims after an attack, and, more importantly, how do you prevent future incidents?

BlackCloak’s approach to managing cyber incidents, including deepfake attacks, is multi-faceted, focusing on both robust long-term prevention and immediate damage mitigation.

Our prevention strategy encompasses comprehensive defense in depth. This includes implementing robust email security protocols, establishing strong multi-factor authentication (MFA) across all accounts, and deploying secure password managers, along with continuous home network and device monitoring. Our goal is to minimize the client’s digital footprint, proactively monitor their personal devices and home networks for threats, and educate them and their families on best practices for online safety.

More importantly, we focus on stopping future attacks through a defense-in-depth strategy and innovative tools. For example, when a client receives a suspicious voicemail, message, or video call invitation, they can rely on our unique Identity Verification (IDV) feature within the BlackCloak platform, which allows the user to send a discreet request to the purported sender to verify the legitimacy of the message or interaction. The true value of IDV lies in ensuring the integrity of the client’s trusted network and provides a vital layer of real-time authentication in a world where distinguishing real from fake is increasingly difficult.

In the aftermath of any attack – be it a deepfake impersonation leading to fraud, or a sophisticated phishing attempt – our Security Operations Center (SOC) team acts swiftly. This includes assisting clients with critical steps like initiating credit freezes, disputing fraudulent charges with financial institutions, and securing compromised accounts to stop further financial loss or data exfiltration.

Q: According to the Ponemon Report, despite known risks, only 48% of organizations include Digital Executive Protection (DEP) in their security strategies. Is this surprising to you?

The 2025 report shows a marginal increase from 42% in 2023, so there is movement in the right direction – yet more companies need to take a proactive rather than a reactive approach to Digital Executive Protection. The report also shows that while 62% of security professionals believe their executives will likely be targets, only 43% provide personal digital asset training, and a mere 50% plan to train executives on deepfake recognition.

The gap between knowledge and action is somewhat surprising, but we often see companies having a “let’s wait until something happens” attitude towards ensuring their executives’ personal digital security. The truth is, the stakes have never been higher, and Digital Executive Protection is now a business imperative. As these types of attacks continue in frequency and impact, I expect more companies will wake up to the fact that Digital Executive Protection is a critical part of cybersecurity and prevention.

Q: What other trends are highlighted in the latest report? How does BlackCloak address these issues?

The report emphasizes another concerning shift: since 2023, there’s been a sharp rise in cyberattacks exploiting vulnerabilities in executives’ homes, with the theft of intellectual property and breaches of home networks rising to the second and third-most common impacts of executive-targeted attacks in 2025. This is a notable change from two years ago, when the most damaging outcomes after financial loss were the erosion of business relationships and regulatory non-compliance.

Digital Executive Protection (DEP) is BlackCloak’s holistic answer, safeguarding executives and their families in their personal lives, and subsequently the company itself, from online threats before they escalate into enterprise breaches.Our mission is to secure individuals against today’s sophisticated cyber threats, extending comprehensive privacy and cybersecurity far beyond the corporate perimeter. Our unique platform and services protect executives and their families across every facet of their connected lives – from their personal smart devices and online accounts to their entire home networks and smart home technology. We achieve this through proactive measures like data broker removal and implementing sophisticated privacy protections that drastically reduce an individual’s digital footprint.

We also offer continuous monitoring and safeguarding of their devices, home networks, and smart home technology. Our solutions are bespoke, tailored to the unique needs of each client, and delivered with around-the-clock expert care. This integrated, “white-glove” service ensures unparalleled peace of mind for business leaders and high-net-worth individuals, knowing that their families, identities, reputations, and finances are robustly secure against an ever-evolving threat landscape.

To get a copy of the BlackCloak and Ponemon Digital Executive Protection Report 2025, visit https://blackcloak.io/white-papers-reports/ponemon-digital-executive-protection-report-2025/.