GET FAMILIAR WITH THE BASICS
At a time when we are more connected than ever, being "cyber smart" is of the utmost importance. This year has already seen more than a fair share of attacks and breaches, including the SolarWinds and Kaseya breaches as well as high-profile attacks on the Colonial Pipeline and other critical infrastructure. Furthermore, as has been underlined by these recent breaches, cyber attacks are becoming more sophisticated with more evolved bad actors cropping up each day. Luckily, there are several steps that we can take on a daily basis to mitigate risks and stay one step ahead of malefactors. Here are a few quick tips:
MAKE A LONG, UNIQUE PASSPHRASE
Length trumps complexity. A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember.
PASSPHRASES AREN'T ENOUGH
Use 2-factor authentication or multi-factor authentication (like biometrics, security keys or a unique, one-time code through an app on your mobile device) whenever offered.
WHEN IN DOUBT, THROW IT OUT
Links in email, tweets, texts, posts, social media messages, and online advertising are the easiest way for cybercriminals to get your sensitive information. Be wary of clicking on links or downloading anything that comes from a stranger or that you were not expecting. Essentially, just don't trust links.
KEEP A CLEAN MACHINE
Keep all software on internet-connected devices - including personal computers, smartphones, and tablets - current to reduce the risk of infection from ransomware and malware. Configure your devices to automatically update or to notify you when an update is available.
BACK IT UP
Protect your valuable work, music, photos, and other digital information by making an electronic copy and storing it safely. If you have a copy of your data and your device falls victim to ransomware or other cyber threats, you will be able to restore the data from a backup. Use the 3-2- 1 rule as a guide to backing up your data. The rule is: keep at least three (3) copies of your data, and store two (2) backup copies on different storage media, with one (1) of them located offsite.
OWN YOUR ONLINE PRESENCE
Every time you sign up for a new account, download a new app, or get a new device, immediately configure the privacy and security settings to your comfort level for information sharing. Regularly check these settings (at least once a year) to make sure they are still configured to your comfort.
SHARE WITH CARE
Think before posting about yourself and others online. Consider what a post reveals, who might see it, and how it might affect you or others. Consider creating an alternate persona that you use for online profiles to limit how much of your own personal information you share.
GET SAVVY ABOUT WIFI HOTSPOTS
Public wireless networks and hotspots are not secure, which means that anyone could potentially see what you are doing on your laptop or smartphone while you are connected to them. Limit what you do on public WiFi, and avoid logging in to key accounts like email and financial services. Consider using a virtual private network (VPN) or a personal/mobile hotspot if you need a more secure connection.
Did you know?
61% of data breaches used compromised credentials. (Verizon Data Breach Investigations Report)
56% of IT leaders believe their employees have picked up bad cybersecurity behaviors since working from home. (Tessian)
More than 99.9% of Microsoft enterprise accounts that get invaded by attackers didn't use multi-factor authentication. (ZDNet)