In general, it’s a good idea for executives to be vigilant in how they handle email. “A big set of scams is now the ‘CEO phishing,’ when an adversary sends out email pretending to be the CEO working on a clandestine deal, needing assistance,” says Andrew Ellis, CSO at Akamai Technologies, a provider of content delivery network services.
“The more that your normal mail looks like this, the easier it is for adversaries to get your company to behave inappropriately,” Ellis says. “Modern email clients can make it hard to tell when a message comes from outside the organization, but not all do. Consider advising your company to tag, or change colors, of all messages from outside the company.”
5. Create and enforce rules for executive travel
Most executives are on the road quite a bit, for industry events, speaking engagements, or visits to clients. This puts them at risk, especially if the travel plans are well known ahead of time.
It’s important to have in place and enforce policies about what is and is not permitted during travel. This might include not allowing key executives to travel together at the same time and via the same mode of transportation, Taule says.
The travel policy should cover the use of mobile devices on the road. For example, executives should not be allowed to take their main work laptop computer on a business trip, but instead use a loaner device that does not have any sensitive data stored.
Sign up for CIO Asia eNewsletters.