Global CISOs Are Undermining Cyber-Hygiene Efforts
Global cybersecurity leaders may not be practicing what they preach after new research revealed that many are engaging in risky behavior online.
Constella Intelligence polled over 100 global IT security bosses across multiple verticals to compile its latest report, Cyber Risk in Today’s Hyperconnected World.
It revealed widespread poor security practice: a quarter (24%) admitted to using the same passwords across work and personal use and nearly half (45%) connect to public Wi-Fi without using a VPN.
Public Wi-Fi is thought to be so dangerous that the FBI regularly warns the public not to connect when out and about.
A similar number (48%) of CISO respondents said they use their work computer to log in to social networking sites and 77% accept friend requests from people they don’t know, including on LinkedIn (63%).
According to MI5, foreign spies have contacted over 10,000 British citizens via LinkedIn over the past five years, using fake profiles.
“The consequences of engaging with these profiles can damage individual careers, as well as the interests of your organization, and the interests of UK national security and prosperity,” the government said in a recent awareness campaign.
Security leaders continue to engage in risky behavior even as attacks targeting them increase.
Over half (57%) have suffered an account takeover (ATO) attack in their personal lives — mainly through email (52%), LinkedIn (31%) and Facebook (26%). Nearly three-quarters (74%) said they’d been targeted by a phishing or vishing attack in the past 90 days. In a third (34%) of cases, threat actors impersonated their CEO, according to the report.
“Amidst the rise in cyber-attacks on organizations, many of which are perpetrated through C-suite impersonations, employee cybersecurity awareness is now arguably as important as an organization’s security infrastructure,” said Constella Intelligence CEO Kailash Ambwani.
“As the professional and personal spheres become increasingly digitally intertwined, both leaders and employees must pay close attention to the role each one of us plays in collective cybersecurity hygiene.”