Sunday Security has found a new way to close a potential cybersecurity vulnerability in the enterprise. That potential weakness is the organization’s executives, especially their personal online accounts.
“Anyone who does basic phishing can probably get into one of those accounts,” said Zack Ganot, CEO of Sunday Security. Ganot explained that attackers have discovered that the easiest way to attack a highly-secured enterprise is to start by attacking senior executives who have access to the organization’s most sensitive data. In many cases, once they have access to that person’s information, they have everything they need to break into the company itself.
Ganot said Sunday Security grew out of a consulting practice in which he and others found they spent several days with each senior executive to secure their accounts. “And even then it wasn’t really an ongoing protection situation,” he said.
“We would go through the settings, then go beyond the settings and do a deep dive into the accounts to see who is connected and who has permission,” Ganot explained, then they would see if there was anything malicious or suspicious about the hand was in the account.
“That would take a very long time to do in an advisory capacity,” he said. This led to the realization that these tasks needed to be automated.
The result is Sunday Security, a service that monitors the online accounts of senior executives in the organization for suspicious activity.
“The executive alone may not have enough incentive to do this,” Ganot said. “Many executives don’t necessarily recognize that this is really a threat. Do they have to spend time, resources and energy on this?”
“I think that’s one of the reasons why, unlike some of our competitors, we’ve taken the B2B2C approach, that is, we think there’s a combined interest, both on the business and personal side. .”
Ganot said this is why Sunday Security wants to address this through the company’s security team, rather than trying to convince someone to download an app from the store.
“Essentially, it protects these accounts from being hacked. Once you link these accounts, the algorithm will analyze them. It goes over all the connected accounts and scores them, then it will tell you how safe your accounts really are.”
Once the accounts have been analyzed, Sunday Security helps them configure them to meet the organization’s security requirements, and ensures that they are not compromised in the future.
The goal is to close the gap between corporate cybersecurity and personal security for senior executives where the two areas converge. This gives the enterprise team the necessary insight into the security of their executives’ personal accounts.
Because the security monitoring is done remotely from Sunday’s security center, it can be up and running in less than a day. The company says it takes less than thirty seconds to secure an individual account.
Once Sunday Security is in place, you’ve eliminated significant risks to the organization, including the possibility of someone taking over a senior executive’s social media account to the detriment of the company.
Ganot gives an example of someone posing as the CEO of a company and announcing on Twitter that he is selling the company, or perhaps providing a malicious link. Such a post on social media would be considered genuine because it came from the CEO’s account, and would cause significant damage to the company’s reputation, not to mention its share price. That’s the kind of damage Sunday Security is trying to prevent.