The interconnectedness of our digital world brings a wealth of benefits, including the ability to conduct tasks that were once manual with greater speed and convenience. At the same time, society faces an ever-expanding set of dangers, both personally and professionally, on a daily basis. For business executives in particular, the continually evolving threat landscape is now one where the lines between personal and professional, as well as digital and physical, are increasingly blurred.
The latest findings from the Ponemon Institute underscore this new reality. Based on a survey of nearly 600 U.S. security professionals, Ponemon’s new 2025 Digital Executive Protection Report shows a notable increase in attacks targeting business leaders, with survey respondents reporting a rise from 43% in 2023 to 51% in 2025. A combination of factors is driving this trend: executives’ expansive digital footprints, combined with unmonitored and insecure home networks and personal devices, which are often used for work purposes.
The Report also highlights a general lack of cybersecurity training and preparedness among companies to prevent such attacks. As a result, corporate executives are caught in a perfect storm, rich with opportunities for cybercriminals to cause financial and reputational harm – to leaders, their families, and their companies.
Head of Security Services at BlackCloak.
The Escalating Risk of Deepfakes
When examining the types of attacks targeting executives that cause the most harm, the Ponemon findings reveal an increase in deepfake impersonation attacks, from 34% of respondents reporting an incident in 2023 to 41% in 2025. Deepfakes are artificial images or videos created by AI, trained on a collection of authentic media samples of the individual being targeted, including still images, videos, and audio clips, all of which are easily found online. The more samples used, the more authentic the deepfake can appear to be.
Given their highly visible public profiles and prolific social media activity, business executives, high-net-worth individuals, and their family members are easy targets. According to the Ponemon survey, the most common deepfakes experienced are impersonation of executives’ trusted entities and urgent demands for payments or information about a detected security breach.
Of those targeted, 28% reported being impersonated by a trusted entity, such as a colleague, executive, family member, or known organization; 21% stated that executives and board members received urgent messages, including demands for immediate payment or information about a detected security breach.
Additionally, 42% of respondents stated that their organizations’ executives and board members have been targeted an average of three times by a fake image, while 66% of respondents indicated that it is highly likely their executives will be targeted by a deepfake in the future.
Survey respondents disclosed that the financial toll of deepfakes is neither known nor measured. However, most respondents cited the cost of staff time spent responding to attacks and the expense of detecting, identifying, and remedying the breach as the most serious financial consequences stemming from such attacks.
Why are deepfakes on the rise?
There are multiple reasons for the increasing number of deepfake attacks. First, the barrier to creating sophisticated and convincing deepfakes continues to drop, given easy access to AI tools and other technologies that power social engineering attacks. According to the Ponemon report, visibility challenges also make it difficult to detect attack tactics, such as deepfakes; half of the respondents stated that their team lacked the necessary insight to prevent a breach.
The report’s findings align with my team’s daily observations on the front lines: the threat landscape is rapidly evolving and expanding, putting a bullseye on the backs of high-profile, high-value executives for both cyber and physical attacks. Over the past few years, we have witnessed an acceleration of sophisticated tactics, such as deepfakes and impersonation scams, that directly target these leaders in their personal digital lives. Hackers understand that executives' personal devices and home networks can be an easy pathway to penetrating corporate defenses.
Securing the company network and infrastructure is critical, but it still leaves gaps. Protecting the organization’s leaders — and their families — is essential to reducing corporate risk, making Digital Executive Protection a non-negotiable security imperative.
How can organizations prevent future incidents?
A multi-faceted, holistic approach that focuses on both robust long-term prevention and immediate damage mitigation is required.
I strongly recommend a prevention strategy that encompasses comprehensive defense in depth, including implementing robust email security protocols, establishing strong multi-factor authentication (MFA) across all accounts, and deploying secure password managers, along with continuous monitoring of home networks and devices.
Key to this approach is minimizing executives’ digital footprints, proactively monitoring their personal devices and home networks for threats, and educating them and their families on best practices for online safety.
In the aftermath of any attack – whether a deepfake impersonation leading to fraud or a sophisticated phishing attempt – critical steps should be taken swiftly, such as conducting data broker removal, initiating credit freezes, disputing fraudulent charges with financial institutions, and securing compromised accounts to prevent further financial loss or data exfiltration.
To adequately secure individuals against today's – and tomorrow’s – sophisticated cyber threats, extending comprehensive privacy and cybersecurity far beyond the corporate perimeter is critical. Digital Executive Protection is necessary to safeguard leaders and their families across every facet of their connected lives – from their personal smart devices and online accounts to entire home networks and smart home technology.
The rising tide of deepfake attacks, as revealed by the Ponemon Report, underscores a critical shift in the cybersecurity landscape: executives are now prime targets, their digital lives serving as a vulnerable gateway to enterprise compromise. This escalating threat, fueled by easily accessible AI and a widespread lack of comprehensive personal security training, demands a holistic and proactive approach.
Organizations must extend robust digital executive protection to their leaders and their families, encompassing everything from digital footprint reduction and device hardening to advanced threat monitoring and rapid incident response, giving them peace of mind that they are safe from escalating cyber and physical threats.
We've featured the best identity management solutions.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.