Adopt Cyber Precautions to Combat Elevated Cyber Risk
As a result of recent events in the news, we know there are many questions and concerns surrounding cybersecurity. “Am I or is my company more likely to come under attack?” or “Is there currently a greater risk of cyber-attacks?”
While there are many unknowns, it’s important to be anticipatory and proactively prepare for the possibility of cyber-attacks. Whether it’s linked to current world events or situations that haven’t occurred yet, we know that criminals will continue to use cyber-attacks as destructive weapons.
While the sense of urgency may have changed, how cyber attackers target us has not. There are four key focus areas when protecting yourself both at home and work:
1. Phishing:
Phishing and related scams are when cyber attackers attempt to trick or fool you into doing something you should not do. Often, these scams are sent as emails, but they can also send them via text messaging (a hot trend at the moment), phone calls, or social media.
These attacks typically include messages that:
- Create a tremendous sense of urgency, pushing you to take action
- Pressure you to bypass standard policies or procedures
- Generate significant curiosity or seem too good to be true
- Appear to come from a legitimate organization, vendor, or even co-worker – BUT are using or sourced from a personal email account like gmail.com, hotmail.com, outlook.com, etc.
- Are sent from someone you know or work with – BUT the wording or tone is strange or otherwise off, or does not feel right or sound like them; trust your gut instinct!
2. Passwords:
Strong passwords are crucial for protecting your online, digital life. Make sure each of your accounts is protected by a unique, long password. The longer your password, the better. To keep it simple, use passphrases, a password made up of multiple words. Maybe it’s a favorite song title or something similar that is relatively easy for you to remember.
Can’t remember all your passwords? You aren’t alone. That’s why we also recommend you use a Password Manager to store all of your passwords securely. Finally, enable Multi-Factor Authentication (MFA) on your important accounts whenever possible. MFA is an excellent practice – and should be employed on EVERY site that requires authentication (i.e., a site requiring a username & password), including sites like Amazon.
3. Updating:
Keep your computers, devices, and apps updated and current by enabling automatic update(s) on all of your devices. Cyber attackers are constantly looking for new vulnerabilities in the devices and software you use. By utilizing automatic updates, known weaknesses are fixed, and your devices have the latest security features and updates.
4. Backups:
Keep your data backed up.
For organizations, the best methodology is to rely upon the 3-2-1 method which states:
- Create three copies of backups
- On two different sources of media i.e., within the cloud & hard disk storage
- With at least one location offsite
For individuals, this level of preparedness is not necessary however, it is recommended to back up your personal data on a periodic cadence i.e.., weekly or monthly.
- This can be accomplished via the use of commercially available software or completed manually.
- Suggested storage locations include either within the cloud or a disparate external hard drive.
- If using the latter, make sure to disconnect the hard drive from your network or your personal computer upon completion of the backup process.
Finally, savvy threat actors will try their best to capitalize upon the anxiety, fear, and emotion many of us may be feeling during this time of global uncertainty. Prompt and clear communication is a key first step to safely navigating these situations. Focusing on the four fundamentals we discussed will go a long way in protecting us individually and our companies, no matter who the cyber adversary is or where they are located.
Should you have any additional questions, please let us know. We are here to help.