Sunday Security has found a new way to shut down what has been a potential cybersecurity weakness at the company. That potential weak spot is the organization’s executives, specifically their personal online accounts.
“Anyone who does some basic phishing can probably get into one of those accounts,” Sunday Security chief executive Zack Ganot said. Ganot explained that attackers have found that the easiest way to attack a well-protected company is to start by attacking the top executives who have access to the organization’s most sensitive data. In many cases, once they gain access to that person’s information, they have what they need to break into the company.
Ganot said that Sunday Security grew out of a consulting practice in which he and others found they spent several days with each top executive to help them secure their accounts. “And even then it wasn’t really a continuous protection situation,” he said.
“We would go through the settings, then go beyond the settings and really dive deep into the accounts to see who is logged in and who has permission,” Ganot explained, then they would see if anything malicious or suspicious was going on in the account.
“That would take a long time to do in a consulting capacity,” he said. This led to the realization that these tasks needed to be automated.
The result is Sunday Security, a service that monitors the online accounts of the organization’s top executives for suspicious activity.
“The executive alone may not have enough incentive to do this,” Ganot said. “A lot of executives don’t necessarily recognize that this is really a threat. Should they spend time, resources, energy on this?
business to business to consumer
“I think that is one of the reasons why, unlike some of our competitors, we have taken the B2B2C approach, meaning we believe there is a combined interest on both the business side and the personal side.”
Ganot said that’s why Sunday Security wants to address this through the enterprise security team, rather than trying to convince someone to download an app from the store.
“Essentially, it protects these accounts from being hacked. Once you connect these accounts, the algorithm analyzes them. It reviews all connected accounts and rates them, then it will tell you how secure your accounts really are.”
Once accounts are scanned, Sunday Security helps configure them to meet the organization’s security requirements and then makes sure they are not compromised in the future.
The goal is to bridge the gap between corporate cybersecurity and personal security for senior executives where the two areas merge. This gives the business team the visibility they need into the security of their executives’ personal accounts.
Because security monitoring is done remotely from Sunday’s security operations center, everything can be up and running in less than a day. The company says it takes less than thirty seconds to secure an individual account.
Once Sunday Security is in place, it has eliminated significant risks to the organization, including the possibility of someone taking over a senior executive’s social media account to the detriment of the company.
Ganot gives an example of someone pretending to be the CEO of a company and announcing on Twitter that they were selling the company, or perhaps providing a malicious link. Such a social media post would be presumed to be genuine because it came from the CEO’s account and would do significant damage to the company’s reputation, not to mention its stock price. That’s the kind of damage Sunday Security tries to prevent.