An Open Message To CISOs: What Is Your Most Sensitive Call Or Meeting?
In an open message to CISOs, Gregg Smith discusses strategies for keeping sensitive board meeting communications private.
Can you identify your most sensitive call or meeting? It is when your board convenes. Mergers and acquisitions, financial results, product roadmaps, pricing discussions and most key strategic initiatives are discussed either in person or on the phone. Is this an opportunity for a bad actor or a state-sponsored attack to take place…. Absolutely!
A few years ago, organized crime used a Stingray device (a mobile surveillance device that masquerades as a cell tower), to listen in on a board call. These bad actors heard financial results that were not promising and shorted the stock. After the earnings announcement they collected millions of dollars. Fortunately, they were caught but this example illustrates the vulnerabilities of our communications.
Mobile devices are promiscuous - they leak and their attack surface is vast. But how do you protect the critical voice and messaging information? Facebook’s WhatsApp? Telegram? Another fly-by-night data-grabbing free consumer application? Absolutely not. Board calls should be conducted on enterprise-grade secure voice solutions, and messaging should be conducted on the same enterprise-grade solution as well.
Learn more about Silent Circle’s enterprise-grade solutions for secure communications.