We use cookies on our website. To learn more about cookies, how we use them on our site and how to change your cookie settings please view our Cookie Statement.
By continuing to use this site without changing your settings you consent to our use of cookies in accordance with our Cookie Statement.
August 2023
Insights/Shielding Executives from the Digital Storm

Shielding Executives from the Digital Storm

By Timothy Gallagher and Lee Macfarland

While businesses frequently assess their online reputations, cyber security, and online data vulnerabilities, the same level of scrutiny is not always applied to these areas as they relate to company executives. Investigations of social media, deep web, and dark web sources can identify vulnerabilities in the online presence of senior managers. These vulnerabilities need to be detected and addressed to ensure cyber threats do not make their way into the company’s digital environment.

The rapid advancement of technology has allowed businesses to reach customers worldwide, build global brands, and streamline operations. However, it has also opened businesses to a broader range of cyber threats, which range from data breaches, phishing, and ransomware attacks to intellectual property theft and online fraud.

Websites and cloud data are not the only vectors for cyber-attacks on a business – the personal online profiles of executive managers or directors are increasingly targets for bad actors. Employees with a prominent online presence, often the most senior executives, may face aggressive online behavior, including trolling, cyberbullying, and even direct threats of physical harm. Determined threat actors can use information about executives found online to pose threats offline. For example, in June 2020, a group protesting low wages paid by Amazon reportedly set up a guillotine outside of Jeff Bezos’ home in Washington, DC. The New York Times reported that a protest against the use of fossil fuels held outside the New York residence of BlackRock’s CEO was one of a growing number of protests against the asset manager’s investments in coal.

Exposure of individuals’ private information, commonly referred to as “doxing,” has become a form of protest in itself. This risk is intensified by the rising frequency of calls for violence, as malicious actors believe they are hidden by the veil of online anonymity when posting on social media. Just last year, a protestor against a US Supreme Court decision used doxed information to travel to the home of Justice Kavanaugh with a pistol, duct tape, and pepper spray, with the intent to break into his house and kill him. However, a home address is only one of many pieces of sensitive information that can readily be found online.

The abundance of information available on social media and in the deep and dark web means that there are numerous vulnerabilities bad actors can exploit. Companies that provide personal security to executives who travel through high-risk countries, including coverage by close protection officers who assess risks in real-time, fail to even consider providing equivalent levels of security on the treacherous landscape of the internet. Executives need to carefully monitor and manage their online presence, considering which information is publicly available and adopting privacy settings that limit access to personal details. A thorough online vulnerability review by a cyber investigation team can help assess the amount of information available to bad actors and suggest options for threat mitigation and for the removal of adverse information.

Many immediate vulnerabilities can be found on the deep web and dark web. Records posted there from website data breaches can reveal the passwords associated with an executive’s email address or common usernames. This information can be exploited to gain unauthorized access to executive email accounts or other online platforms containing sensitive data. While fraudulent financial transactions are the primary risk of business email compromise, a bad actor with a long-term mindset could, for example, exploit undetected email access by learning material non-public information and using it for insider trading gains.

Even when passwords are not leaked in data breaches, dated or forgotten website profiles can be mined by bad actors. Old social media profiles, especially on dating apps or gaming websites, may contain information that could cause embarrassment and be used to blackmail executives. Where a great amount of compromising information is found, it could form the basis of a smear campaign against the company itself.

Even when corporate leaders are diligent in safeguarding their personal identifying information online, it is important to recognize that close family members may not exercise the same level of caution. To ensure a comprehensive approach to online personal data protection, it is often advisable to extend a preventive investigation to include the online profiles of individuals residing in the same household as the executive. Investigators will seek to identify any inadvertent exposure of residential addresses, frequently visited locations, or travel plans: data that could compromise the security of an entire household.

Companies often mount a monitoring program during times of heightened risk of negative attention or, in the unfortunate event that a threat is received, trace and attempt to identify the bad actor. However, it is less useful to capture a burglar than it is to ensure no break-ins occur in the first instance. The best way to protect against threats is to establish and maintain pro-active online security awareness. Organizations need to actively monitor the online presence of the prominent faces of their business, identify and mitigate potential vulnerabilities, and work towards maintaining good online hygiene. Organizations that safeguard personal and professional reputations allow executives to remain focused on managing, rather than defending, their and the company’s reputation.


Timothy Gallagher

Managing Director, Digital Investigations & Cyber Defense and Chief Security Officer

1401 K St. NW, Suite 725
Washington, DC 20005
T: +1 202 545 3017


We've got you covered


We get to the truth before it's too late


Why risk it?