Intermedia CTO Jonathan Levine offers insight on ‘Phishing in the C-Suite’
In an age when an employee clicking a link in an innocent-looking email can result in something as destructive and damaging as Sony Pictures’ recent experience, it is more important than ever to stay up-to-date on how to protect yourself from phishing emails.
In our new eBook: “Harpooning Executives: How phishing evolved into the C-suite”, we interview Jonathan Levine, Intermedia CTO and security expert. Below is an excerpt of that interview, delving into his views on the latest phishing trends and how companies tend to deal with them.
Q: Email security and spam seem to have always been a concern for businesses. Why do you think there is a renewed emphasis now?
JL: Up until the last few years, spam has been annoying, but it hasn’t really been dangerous. Now it’s becoming increasingly dangerous. Hacking and malware have gradually moved from the domain of hobbyists to the domain of state actors and organized crime. So it’s becoming more common and more malicious.
Q: Do you think businesses are aware of how sophisticated these attacks have become?
JL: I don’t think they are, because there is a rational underestimation of the risk. It is embarrassing for an executive to admit that their controller wired $10,000 to a bank account in Asia, so most businesses don’t report these attacks and it gets under-reported. If it isn’t making headlines, the likelihood of people learning about it on their own is low. This is why so many businesses don’t take action and why they are at risk.
Q: Are you concerned as an executive about the emerging trend of Whaling or specifically targeting C-suite executives for personalized phishing attacks?
JL: I am. C-suite executives suffer from the same cognitive deficits as everyone else. And even if they have higher awareness, there is that optimism that it won’t happen to them. But due to their access to large amounts of intellectual property and proprietary company information, it is extremely important they do everything they can to protect not only themselves but their company.
Q: How can businesses stay on top of security trends?
JL: Ideally the company would have a C-level security officer, but that may only be applicable to larger companies. For smaller companies, maybe legal advisers could help keep them informed. Realistically, staying informed is practically a full time job so outsourcing your security to experts is often a great way to go for any size company.
We hear a lot of security concerns about the cloud. People seem to think that it will make your data less secure. But in reality, if the provider is taking security seriously, the cloud solution is actually more secure. Cloud providers have the means to invest much more than any single customer could. So businesses can benefit from the fact that the cloud provider has a large number of customers that they can amortize the security costs across.
To learn more about the threats of phishing and how to protect your company, we encourage you to read the free eBook and follow the conversation online at #phishingevolves
Want more information? You can also sign up for our webinar series for a live Q & A with Intel Security and Intermedia cybersecurity experts.