Cybersecurity starts with awareness
October is Cybersecurity Awareness Month. Its objective is to help individuals protect themselves online as threats to technology and confidential data become more commonplace.
With the increased use of personal devices, we are all at high risk of cyber-attacks and need to act as the main cyber defenders to protect what matters.
Technology can protect us to a certain limit; it’s us the people though who have to work and focus on the fundamental elements of cybersecurity highlighted by the National Cybersecurity Alliance, such as protecting our identities, updating our software and devices, and not falling prey to phishing schemes.3
People have become the primary attack vector for cyber attackers around the world, so humans rather than technology now represent the greatest risk to organizations.
It’s up to each of us to #BeCyberSmart
Malware (22%) and phishing (20%) will continue to be the most common causes of cyberattacks in 2022.4 Despite the development of sophisticated tools and services, humans will continue to be the most cost-effective and reliable attack vector for cybercriminals worldwide. As a result, it’s critical that we all remain informed about how to safeguard ourselves at work and at home and prevent breaches.
Here are some basic steps recommended by Microsoft so we can all #BeCyberSmart:
Phishing: In 2021, 30% of attacks involved deceptive emails, fake websites, and text messages. So, how can we avoid falling for these phishing scams?
- Look at the sender’s email address to see if they are genuine. A sender address that is either misspelled or unrelated is a common phishing warning sign. Do not reply if you are unsure. Create a new email instead to respond.
- Unless you have verified the sender, never open email attachments or click on links.
Devices and software: Cybercriminals typically gain access through outdated software and hardware. To avoid destructive malware that can steal personal information, practicing good cyber hygiene is crucial. To assist in protecting your devices:
- Enable the lock feature on your mobile devices.
- Set up multifactor authentication for your private accounts and apps.
Scams: Criminals will often contact you seeking to “fix” a nonexistent problem. The email or text message will contain a sense of urgency, such as “Act now to avoid having your account locked!” If you see this type of message, do not click the link. And remember to always report any suspected scam so your company can take action. A few tips to remember:
- Be skeptical of unsolicited tech support calls or error messages requesting urgent action.
- Do not follow any prompts to download software from any third-party website.
- When in doubt, open a separate browser page and go directly to the company’s webpage.
Passwords: Passwords are our first line of defense against unauthorized access to accounts, devices, and files. However, the average person now has more than 150 online accounts; password fatigue is always a danger. Some tips on how to protect your passwords include:
Explore best practices and educational resources with Microsoft’s Cybersecurity Awareness website.
- Shields Health Care Group data breach affects 2 million patients, Bill Toulas. June 7, 2022.
- A massive cyberattack in Costa Rica leaves citizens hurting, Carla Rosch. June 1, 2022.
- National Cybersecurity Alliance.
- Alarming Cyber Statistics For Mid-Year 2022 That You Need To Know, Chuck Brooks. June 3, 2022.
- Verizon 2021 Data Breach Investigation Report, Verizon. 2021.