4 Ways to be More Cyber-Aware and Reduce Digital Risk
Security | Aug 30, 2016
Every October, we celebrate National Cyber Security Awareness Month (NCSAM), a collaborative effort between government and industry to educate Americans on how to stay safe online. This year, Guidance Software joined the National Cyber Security Alliance’s Champions Program to promote a safer, more secure, and more trusted Internet.
The human element is often the weakest link in the cyber security chain. Hackers target consumers, employees, and increasingly CEOs, in attempts to steal sensitive information or gain access to secure networks.
The best security software in the world can’t stop a user from clicking a malicious link or setting their password as ‘password.’ We’ve listed 5 simple tips below that can help anyone be more cyber aware.
- Think before you click or download – Hackers often use social engineering attacks, like phishing emails, that include malicious attachments or links in email, texts, social networks, and more. Clicking one of these links, or downloading an infected attachment generally starts a download of malware that can steal information and infect systems. It seems obvious, but make sure you trust the source before clicking a link or downloading an attachment. Phishing schemes have come a long way since the days of a Nigerian prince leaving you their massive fortune if you only provide them a bank account number, social security number and address. Modern phishing attacks are often orchestrated by organized crime (about 90% of attacks) and designed to mimic a trustworthy source (i.e. your bank or the HR department). The most sophisticated attacks can execute hidden code if the email is opened, no click or download required.
- Keep clean machines – When Ben Franklin said, “an ounce of prevention is worth a pound of cure,” he was actually talking about fire safety. But the maxim applies equally well to cybersecurity today. Taking basic precautions like having the latest versions of security software, web browsers, and operating systems installed goes a long way to protect against online threats. For corporate machines, companies should have a policy to ensure user machines are updated, automatically when possible.
- Make passwords strong AND unique – We (hopefully) all know some basic best practices for passwords – think long and strong. But did you know that using unique passwords for every account helps to thwart cybercriminals? Gartner says more than two-thirds of consumers reuse their passwords. Managing unique passwords can be a pain, but will help you avoid something like Mark Zuckerberg’s Twitter and Pinterest accounts being hacked because he allegedly re-used the password “dadada.” According to the 2016 Verizon BDIR, 63 percent of confirmed breaches leveraged weak, default, or stolen passwords.
- Be smart with mobile tech - Treat your mobile device like your home or work computer. Keep operating systems software and apps updated. When you travel, consider disabling remote connectivity and Bluetooth. And finally, be wary of unsecured wireless networks (like hotel networks) and use a VPN for extra security.
Cybersecurity is not something that can be solved with technology or software alone. All organizations need cybersecurity strategies that include IT, HR and training, risk management, and buy-in from the most senior levels. As we move toward a day when all commerce will be digital, hackers will continue to look for ways to exploit systems and find valuable information.
These risks can never be eliminated, so organizations need to invest in a comprehensive digital risk management and security strategy to mitigate them. Guidance offers the best forensic security solutions in the business to help organizations protect their most critical information.
Charles Choe joined Guidance Software in 2015 as a Product Marketing Manager for both EnCase eDiscovery and EnForce Risk Manager. Charles earned his JD/MBA from the University at Buffalo in 2007. Since graduating, he worked as an Online Product Manager across a number of different industries, including Banking, Publishing, and Technology.