Let’s say you’re a successful business owner or CEO. You’ve put a lot of thought into keeping your family and your high-value assets safe, investing in the latest home-security and surveillance systems, high-quality window and door locks, maybe even your own personal security detail. You can rest easy, right? Well, what if your teenager down the hall is visiting websites infected by malware, your partner is posting details of your birthday party on social media, your home-security system uses a weak password, and the wireless network you’re using to get some work done is unsecured?
You’ve just left the door wide open to cybercriminals.
While many high-net-worth and ultra-high-net-worth individuals—along with their families, family offices and family businesses—have physical security down pat, they’re increasingly vulnerable to cyberattacks. In the criminal world, it only makes sense to go where the money is, but it’s not just wealth that makes financially successful individuals attractive targets. They’re often in the public eye (which can give criminals information to leverage in an attack), and they usually don’t have the same level of security controls in place as their work environments—something cybercriminals know to exploit.
Personal considerations
What should individuals be on the lookout for? Typical cyberattacks against these individuals and families aren’t all that different from those in the business world: phishing, social engineering, identity theft and ransomware are some of the most common ones. However, with the explosion in technology, people who have achieved a high degree of financial success are vulnerable in practically every corner of the home, through Internet-connected appliances, smart-home systems, electronic devices and more. All these vulnerabilities leave them exposed to financial risks and reputational damage, as cybercriminals might demand big payouts and publicly release private information anyway.
For people who are used to having their own IT departments at work, there’s a lot to consider when it comes to personal cybersecurity. Let's assume you do some of your work at home. Does the information technology environment in your home have the same level of security controls as your business? Are you on phone calls discussing board-related issues near a voice-activated appliance that’s triggered by keywords? What support systems do you have independent of your business? To what level does your family office or business extend that protection to you? To what degree do you want your business monitoring your personal and private life?
In our work, we can clearly see that separation between what’s happening in our clients’ personal lives and their business lives is critical. Let’s say a family members’ personal computer gets infected with malware. If you went to your business’s IT contact to fix the problem, you’d potentially be revealing the private life of your family member, which you might not want to do. More likely, you want an advisor who handles your personal cybersecurity separately from your business.
It’s also a full-time job to stay on top of increasingly complex and evolving attacks. Even trained eyes fall for phishing attacks, which trick people into divulging sensitive information or downloading malware. Social media is also giving rise to new types of attacks, as people share their location, photos and personal details online. That’s useful information to break-and-enter artists who know what time someone leaves and comes home from the gym every day. But cybercriminals can use the information people post to carry out social engineering attacks, such as impersonating someone they know and tricking them to send money.
Your own personal CISO
To establish a degree of separation between home life and work life, a personal chief information security officer (CISO) as an on-demand service can work with you to assess, prevent, monitor and respond to cyber threats. Meanwhile, online platforms or “digital vaults” are also ways to keep valuable documents—including tax returns, passports, wills, and insurance and real-estate documents—in a safe, encrypted environment. As a personal cybersecurity service for our clients, we’re the ones they call for help, which offers them privacy and peace of mind.
If you’re ready to have a conversation about your personal cybersecurity and how to protect yourself and your family, please reach out.