It’s October and that means one thing. Well, it actually means a few things: Halloween, hayrides, pumpkins and spice and everything else that’s nice. But October is also Cyber Security Awareness Month. The Cybersecurity & Infrastructure Security Agency’s (CISA) theme for this October is “Do your part. #BeCyberSmart.”
CISA helps educate, protect and assist our country’s other crime fighting divisions with knowledge about cybercrime, what it looks like and how to prevent it.
First, what is cybercrime? CISA defines it as “any crime which is committed electronically.” This can include identity theft, financial theft, malware, malicious social engineering and intellectual property violations, to name a few.
Let’s explore some of the themes of this year’s Cyber Security Awareness Month and, more importantly, how to keep cyber threats at bay for you and your organization.
Stop, Think, Connect
This simple phrase means a lot. In terms of email, stop and think before you click on that link or download that attachment. Were you expecting that email? Does it contain any red flags or strange verbiage from the sender? Verbally verify with the apparent sender that they sent this email.
This can also apply to users of a wireless network in a public space. Stop and think before connecting to an open Wi-Fi network. Most networks require authentication to join them, so any open networks could be red flags where attackers are trying to spoof or imitate another legitimate network.
What about a thumb drive you found at the office? Stop and think before you connect it to your laptop. That drive could contain malware, ransomware or something worse.
Shake Up Your Password Protocol
Keep your passwords unique and, where possible, protect your accounts with multi-factor authentication (MFA). Use a password manager, like LastPass, to keep those different passwords organized and secure.
Want to hear a true, spooky story? A business had the same password for over 130 accounts, and that one password became compromised. It took someone at the business over a week to change all the passwords. Not only that, but while the passwords were being changed, other accounts, including their bank account, were breached. Keeping unique passwords for each site and enabling multi-factor authentication would have prevented this.
All Tricks, No Treats
Cyber criminals are pros at tricking you into providing your credentials, such as bank account numbers and personal identifiable information (PII). It’s smart to verbally verify with your bank that they did indeed request information about your bank or payroll information. Hopefully you’re diligent about following best cyber practices, but that doesn’t mean everyone else is. It’s up to you to verify everything you receive regarding sensitive information to ensure a sender wasn’t compromised.
Stay Protected While Connected
Whether it’s laptops, desktops or mobile phones, all devices connected to the internet should have anti-malware protection on them. Additionally, using add-ins like Webroot’s link checking tool can help keep you safe by indicating known good and known bad links.
It may be time to upgrade your anti-virus to true endpoint protection. Businesses are moving to more comprehensive protection on each workstation and laptop. The reason is that people are working from more than just the corporate office. This applies to us at home as well. Endpoint protection adds layers of security that benefit business and the rest of us as well.
Other zero trust apps will do this same thing online, but they also “harden” your computer, keeping known good applications running and unknown or untrusted applications out until verified. Other hardware appliances, like Bitdefender’s BOX 2, can help keep your home or office network safe and free from rogue internet of things (IoT) devices. It’s easy for unpatched smart bulbs, smart plugs, smart thermostats, smart cameras, Alexa and Google devices to be compromised and start a malicious bot net attack either on your own network or against someone else’s.
Keep Devices Up-To-Date
Updating your iPhone can be a pain because something may look different or introduce an issue you don’t know how to resolve. Usually software bugs (at least major ones) have been fixed before most releases, but occasionally something falls between the cracks.
However, patches and updates are important. This is the manufacturer’s way of fixing vulnerabilities in the software. It’s really important to keep hardware and software updated, even if it means you need to adjust to new features on devices (or put your ringtone back to your favorite Backstreet Boys jam).
Next Steps
If you follow the basic tips, tricks and best practices to keep you and your organization safe online, you will certainly be in good cyber health! Remember to spread the word about good cyber health to friends, family and colleagues.
Need Help?
Our Technology Solutions Group includes a team of cyber security experts. We’re happy to meet with you for a free cyber security assessment of your organization’s IT infrastructure. Or, you can contact us online or call 410.685.5512 with any questions.
