Q&A: BlackCloak’s Dr. Chris Pierson On The Escalating Physical Risks of Executive Cyber Exposure

BlackCloak's Dr. Chris Pierson on why healthcare executives are uniquely exposed, and how digital vulnerabilities are becoming physical threats.

Last updated on May 21, 2026
Written by Joel Witts

When cybersecurity defenses improve, attackers don’t just give up. Instead, they look for a softer target. Increasingly, that means targeting high-level executives personally, through their personal phones, PCs, or password vaults.

For healthcare executives, the stakes are high. Healthcare organizations hold some of the most valuable data in any industry. The current climate of rate hikes, coverage disputes, and public frustration has made leadership teams highly visible, and highly exposed.

The risk is no longer just digital. Protesters have shown up at executives’ homes, industry conferences and even at their children’s schools. The 2024 assassination of UnitedHealthcare CEO Brian Thompson brought into sharp focus that digital vulnerabilities can lead to real-world harm.

Dr. Chris Pierson is the Founder and CEO of BlackCloak, a company that has led the growth of the Digital Executive Protection category. Pierson is a former CISO, Chief Privacy Officer, and longtime Department of Homeland Security advisor.

He spoke to Expert Insights about why healthcare executives face a uniquely dangerous threat landscape, how digital exposure is translating into physical risk, and what CISOs should be doing to close the gap.

BlackCloak has really kick-started the Digital Executive Protection category. For readers who aren’t familiar, can you talk about your background, what BlackCloak does and how you came to found the company?

BlackCloak is the pioneer in Digital Executive Protection (DEP). I recognized several years ago that there were significant gaps in corporate cybersecurity protection that left business leaders and their families vulnerable to attacks in their personal lives, which, in turn, often led back to the enterprise. My experience as a security and privacy leader led me to start the company in 2018 and fill this critical need.

I’ve held cybersecurity leadership roles for over 25 years, responsible for protecting my organization’s most critical assets – computers, emails, servers, and networks. Early in my career, I served as outside counsel for a law firm, where I established our cybersecurity practice. I then served as the first Chief Privacy Officer for the Royal Bank of Scotland’s U.S. operating bank and later as Chief Information Security Officer (CISO) for two FinTechs. I was also privileged to serve as a Special Government Employee for the Department of Homeland Security’s Privacy Committee and Cybersecurity Subcommittee, was a Distinguished Fellow of the Ponemon Institute, and a member of the Federal Bureau of Investigation’s Arizona InfraGard.

As corporate cyber defenses became more advanced in protecting an organization’s most valuable assets, I began to realize that attackers were shifting to an easier path. Rather than trying to penetrate the corporate fortress, they were targeting key executives, investors, and board members in their personal lives. I also recognized the emerging gap forming between enterprise security teams and the need to protect high-profile individuals and their families from financial fraud, cybercrime, hacking, reputational damage, privacy exposures, and identity theft. There were no tools or services available to solve this increasing problem. Their privacy, personal devices, and home networks were exposed.

In 2018, I decided to do something about it, and I founded BlackCloak. This gave rise to Digital Executive Protection, which is now a business imperative rather than a luxury.

Healthcare is one of the most targeted industries for cybercrime, and healthcare executives are uniquely exposed. Everyone in the U.S. interacts with healthcare, and healthcare organizations are prime targets for cybercriminals. But executives are often public figures. So, what does the current threat landscape look like for these leaders?

Healthcare is disproportionately targeted by cybercriminals due to its data richness and critical societal role, creating a high-stakes environment in which executives are uniquely exposed. The current threat landscape for these leaders is defined by three converging factors: the high value of medical data, rising consumer volatility, and the “no off switch” reality of personal digital footprints. Let’s look at each of these areas individually.

1. The Value of Data and Industry Volatility

Healthcare organizations are targeted because they hold an abundance of high-value, sensitive information, including patients’ Social Security numbers, payment details, and comprehensive medical records. This risk is further compounded by the current industry climate, such as rate hikes, reductions in coverage, and consumer frustration, which have created a volatile atmosphere. This negative sentiment often boils over from digital spaces into physical reality, where harassment or violence can occur. Because information about leadership is readily available online, executives are frequently held personally responsible for organizational shifts, putting them in the crosshairs of both cybercriminals and disgruntled individuals.

2. The Digital-to-Physical Shift

Over the past few years, we’ve seen a significant rise in negative fervor and physical threats stemming from reported increases in claim denials, possible Medicare cuts, and rising insurance premiums. This negative sentiment has manifested in the physical world through targeted harassment due to executives’ highly visible public exposure and knowledge of their families’ patterns and activities. For example, protesters have appeared at executives’ homes and at their children’s schools. Confrontations have occurred while executives are at high-profile conferences or when they and their loved ones volunteer for causes where their organization’s logo is present.

3. Technical Vulnerabilities and the “No Off Switch”

For executives, the use of personal devices for work-related communication has created systemic vulnerabilities that extend far beyond hospital walls. Cybercriminals increasingly exploit these personal devices as the path of least resistance into corporate networks, knowing they often bypass enterprise-grade firewalls. BlackCloak’s own data reveal that 13% of healthcare professionals had malware on their personal devices, which could be used to harvest information and endanger their families. A single compromised personal account allows attackers to impersonate leaders, escalate privileges, launch fraudulent internal communications, and even track real-time travel plans or home locations.

Unfortunately, given the current volatility in the healthcare industry, we don’t see an end to these threats anytime soon.

The assassination of UnitedHealthcare CEO Brian Thompson in 2024 was a shocking moment. What has the fallout been like for healthcare executives since that event, and what does it tell us about how digital risks are increasingly leading to the risk of real-world harms?

This tragedy really opened the eyes of executives across all industries, but especially in Healthcare. For any executive who is highly visible in the public eye, there is a convergence between their cyber footprint and physical risk. Executives’ addresses, travel schedules, and physical whereabouts can often be found online – on social media or through compromised accounts – putting them and their family members at risk of physical harm. With such volatility surrounding the healthcare industry, leaders of medical, pharmaceutical, and insurance companies are at much greater risk.

It’s important to remember that while data broker removal is necessary to help protect executives’ privacy, it’s not at all sufficient to keep an executive and their family secure. At BlackCloak, we constantly focus on data privacy and all the other ways we must protect business leaders and their families – looking at their personal devices and home networks, their online presence, and their overall cyber hygiene. The hard truth is that Healthcare will continue to be targeted, and to combat the risks, it’s critical for organizations to have a plan and a solution to tackle physical risk, cyber risk, and digital privacy.

BlackCloak has released data showing that the vast majority of healthcare executives already have personal data exposed and at risk. You’ve also removed over 137,000 data broker records across 50+ healthcare companies and remediated over 3,000 breached clear-text passwords. What kinds of vulnerabilities are you typically finding, and why are executives so exposed?

The commonly held misperception is that healthcare threats typically involve ransomware attacks that lock hospital systems or a breach of patient records. Those threats are still serious, but today, there is much more at play. It’s no longer just about targeting the systems that store data.

The real, dangerous cyber threats in Healthcare today are increasingly identity-driven and highly targeted, politically and activist-motivated attacks aimed at senior healthcare leaders and the professionals who make decisions, which is a much easier path for cybercriminals than breaching a hospital network. The landscape has evolved so that, rather than trying to force their way through hardened enterprise defenses, hackers exploit gaps in the executive team’s personal security, such as their home networks, personal email accounts, and mobile devices, to gain access, influence, or leverage. This means that for healthcare leaders, the risk is no longer confined to hospital walls. Personal compromise can quickly become organizational compromise.

Over the past year, 100% of the healthcare executives onboarded by BlackCloak had some form of personal data exposure that increased risk to them and the organization, ranging from breached or weak passwords to compromised devices, including home networks accessible to the Internet and connected smart home systems. This statistic alone underscores the grave importance of holistic DEP in any corporate cybersecurity strategy.

Source: BlackCloak

One of the biggest challenges is that corporations lack visibility into their executives’ personal lives. How does BlackCloak bridge that gap? What needs to be part of a comprehensive executive protection strategy?

BlackCloak addresses this gap by working privately with executives to secure their personal lives, creating a clean separation of corporate/personal risk. Internal teams are never involved with private data, resolving the security vs. privacy conflict.

For CISOs and security leaders in the Healthcare sector, I can offer four practical, effective steps to implement a proper executive protection strategy that go beyond the standard IT checklists:

  1. Treat executive digital security as enterprise risk: Protecting the CEO’s or CISO’s personal accounts and devices is as foundational as protecting any private corporate network. Personal exposures are the primary entry points into deeper enterprise systems.
  2. Expand threat monitoring beyond corporate systems: Comprehensive Digital Executive Protection must be prioritized to safeguard executives outside the organization’s perimeter. This includes removal of their personally identifiable information from data broker websites, home network and personal device protection, and dedicated concierge support to respond immediately to cyber incidents should they occur.
  3. Integrate personal digital hygiene into governance: Require multifactor authentication and secure password management, as well as education on how to protect their digital life.
  4. Clarify cyber risk for the board: Make risk visible to the board by showing how executive exposure is often the easiest pathway into the organization – and how those risks are effectively being reduced – through regular reporting on internal and external cyber events.

Digital Executive Protection is still a relatively new category. How do you make the business case to boards and CISOs for this investment?

As the pioneer of DEP, we help CISOs, the C-suite, and Boards of Directors understand that while traditional cybersecurity measures focus on corporate assets and infrastructure within the company’s four walls, executives remain vulnerable in their personal lives. By not providing a holistic, comprehensive DEP program to their leaders, companies leave their executives – and the company – wide open to an attack that can have devastating consequences.

We work directly with executives and their families to secure their personal devices, home networks, and online lives without pulling your team into their private world. You can only control what happens inside the walls of your company. Today, threat actors know no bounds, and BlackCloak ensures the safety of your executives no matter the location. All of this is backed by concierge support with a U.S.-based security operations center ready to respond to incidents 24/7.

As we continue to innovate and advance the DEP space, BlackCloak is committed to collaborating with CISOs and business leaders to ensure the entire digital footprint of their leadership and their families is protected.

Looking ahead, how do you see the Digital Executive Protection space evolving in the healthcare space? What trends should executives be preparing for?

Historical patterns of breaches – including hundreds of hacking incidents in 2025 – point to continued intrusion attempts that expose sensitive patient, executive, and corporate data.

Even as attacks continue, the adversary playbook is shifting:

  • Ransomware groups target healthcare vendors and service suppliers, enabling one compromise to ripple across their secure networks.
  • Quiet data-extortion attacks that steal and hold data without immediate encryption are emerging as a stealthier, harder-to-detect threat. Even innocuous browser extensions on personal computers are leading to potential healthcare system compromises.
  • Phishing and identity-based attacks are exploiting human patterns more effectively, leveraging AI advancements for greater deception.

What are your recommendations for healthcare CISOs and security leaders who recognize these risks and want to improve their professional and private digital security posture?

Complete protection is essential, as outlined in the DEP Framework we released last year. DEP is a holistic approach and encompasses a range of services and technologies designed to:

  1. Reduce their digital footprint: Minimize the amount of personal information exposed online.
  2. Monitor personal devices and home networks for threats: Proactively identify and mitigate potential cyber risks.
  3. ID theft protection and credit monitoring: Maintain a proactive posture by gaining visibility into potential identity threats.
  4. Educate and train: Empower executives and their families to make informed decisions about their online activities.
  5. Perform incident response: Rapidly address threats before they escalate into breaches of the enterprise.

When all of this is performed by a U.S.-based 24/7/365 expert concierge support team, such as the team we have at BlackCloak, organizations are much better equipped to handle the daily risks that face their leaders and board members.

This also ensures peace of mind, knowing you don’t need to dedicate internal resources for onboarding or integration, as our platform is a privacy-first, stand-alone solution.



Written by Joel Witts, Content Director

Joel is the Director of Content and a co-founder at Expert Insights, a rapidly growing media company focussed on covering cybersecurity solutions.

He’s an experienced journalist and editor with 8 years’ experience covering the cybersecurity space. He’s reviewed hundreds of cybersecurity solutions, interviewed hundreds of industry experts and produced dozens of industry reports read by thousands of CISOs and security professionals in topics like IAM, MFA, zero trust, email security, DevSecOps and more.

He also hosts the Expert Insights Podcast and co-writes the weekly newsletter, Decrypted. Joel is driven to share his team’s expertise with cybersecurity leaders to help them create more secure business foundations.