Executive Exposure Assessment

The Executive Exposure Assessment is designed to evaluate the information publicly exposed to threat actors that directly concerns senior executives.

Using publicly available information, such as home address, social contacts, spouse or partners, children and other information, intelligence can be inferred.

The primary objective is to answer the question: “How good is my privacy?”

The following key scenarios are reviewed:

• “Can I be easy located at home?”
• “Is my identity safe? Could identity thieves find useful or excessive information about me?”
• “Are my family exposed? My children? My parents?”
• “Are my accounts and passwords safe? Are there records of dark web entries related to me?”
• “Does my business life reveal aspects of my personal life I was unaware of?”

The service uses only Open Source Intelligence (OSINT). No contact or direct engagement is used. There is no phishing, no hacking and nothing intrusive. The approach is designed to mimic a real attackers capabilities.

This service is tightly controlled by various legal frameworks, including GDPR and RIPA. Therefore these assessments require direct and personal approval for the activity to commence.

Furthermore, the detailed report is delivered to the subject only, with an anonymised summary report provided to the client. The exception this is where a direct impact to the client is identified, such as a company director breaking corporate law.

Following the activity, a one to one workshop is carried out with the subject to help them understand the report, what can and cannot be expunged and what the impact of the information could be.