There has been a frightening escalation in cyberthreats targeting business leaders and their families, according to a new report released by BlackCloak, a pioneer in digital executive protection for executive leaders, board members, and their families – as well as family offices and high-net-worth individuals.
The study, sponsored by BlackCloak and conducted independently by Ponemon, surveyed 586 security professionals in the US.
The report reveals that from 2023 to 2025, the percentage of organisations reporting targeted attacks on executives increased from 43% to 51%. In 2025, 22% of organisations reported experiencing seven to 10 cyberattacks compared to 15% in 2023. Concern over potential future attacks remains consistently high at 62%.
Additionally, the survey results indicate a rise in deepfake attacks targeting executives, with 34% of respondents reporting an incident in 2023 and 41% of respondents in 2025.
The impersonation of trusted contacts and urgent demands for payments or information about a detected security breach are the most commonly deployed tactics.
The report points to another alarming trend: a digital attack on an executive can lead to cybercriminals using their personal information to cause physical harm.
In 2025, half (50%) of those surveyed believe their executives will be the target of a physical attack in the future. In response, 63% of respondents say their organisation currently offers self-defence training for executives – an increase of 15% from 2023.
While 62% of security professionals believe their executives will likely be the target of a cybercriminal attack in the future, only 43% provide training on how to secure their personal digital assets. Of those, 38% provided such training following an attack. While deepfake attacks continue to climb, just 50% of respondents have plans to train their executives to recognise such a threat.
“The Ponemon report confirms what we see on the front lines every day – the threat landscape is shifting rapidly, and executives are now the bullseye for both cyber and physical attacks,” says Dr Chris Pierson, founder and CEO of BlackCloak. “As deepfakes, impersonation scams, and personal digital intrusions become more common, securing the company network is no longer enough. Organisations must protect the humans behind the business – their leaders and their families – or risk devastating consequences.
“Digital executive protection is no longer a nice-to-have, it’s a core component of enterprise risk management.”
The home has become the new battleground in cybersecurity. As the lines between personal and professional lives continue to blur, cybercriminals are exploiting this overlap, targeting home networks and personal devices as entry points into corporate systems.
The report findings show that since 2023, there has been a sharp rise in cyberattacks that exploit vulnerabilities in executives’ homes – with the theft of intellectual property and breaches of home networks rising to the second and third most common impacts of executive-targeted attacks in 2025. That’s a notable change from two years ago, when the most damaging outcomes after financial loss were the erosion of business relationships and regulatory non-compliance.
Despite the known risks, only 48% of organisations include digital executive protection (DEP) in their security strategies, up slightly from 42% in 2023. Combined with poor training and limited visibility into executives’ digital lives, this leaves a dangerous gap that cybercriminals are ready to use to their advantage.
DEP is a holistic approach to safeguarding executives and their families in their personal lives, and subsequently the company itself, from online threats. It encompasses a range of services and technologies designed to:
- Reduce their digital footprint: Minimising the amount of personal information exposed online.
- Monitor their personal devices and home networks for threats: Proactively identifying and mitigating potential cyber risks.
- Educate and train: Empowering executives and their families to make informed decisions about their online activities.
- Perform incident response: Rapidly addressing threats before they escalate into breaches of the enterprise.