- January 8, 2019
- Posted by: Ron Frechette
- Category: Blog
Cybersecurity Awareness – By Ron Frechette, The Cyber Coach
As we launch into the new year, many of us have established our New Year’s resolutions with the hopes of improving the quality of our lives. The practice of establishing New Year’s resolutions dates back thousands of years to the ancient Babylonians. For those who do not subscribe to the practice, you may be interested to know that studies have shown 46% of people who make New Year’s resolutions (e.g. weight loss, exercise programs, quitting smoking) were likely to succeed, over ten times as among those deciding to make life changes at other times of the year. Encouraging news for those of us who have adopted the practice of setting New Year’s resolutions!
One resolution we strongly encourage our readers adopt in 2019 is practicing good cyber hygiene. Last months article, State of Cybersecurity and Future Threat Landscape, shared compelling evidence as to why we would be wise to make this a top priority. As was reported, experts predict we could see a 10 fold increase in cybercriminal activity over the next 2 to 3 years. Most people live with the, “it will never happen to me” mindset when it comes to cybercrimes. The consequences and hardships of dealing with the loss of sensitive/confidential information, malware intrusions, phishing and ransomware attacks persist for many years after the initial crime. This not only affects us as individuals or small business owners, it also puts our family, friends, co-workers and clients at risk.
As illustrated here, there are 4 threat vectors that surround our digital footprints that cybercriminals are constantly trying to penetrate; people, processes, facilities and technologies.
With the severe threat of attacks forecasted in 2019, it’s nearly impossible to always know what is coming. That’s why it is so imperative to practice basic cyber hygiene as a way to eliminate and mitigate possible threats, especially in coming year ahead.
What is Cyber Hygiene?
The Center for Internet Security (CIS) and the Council on Cyber Security (CCS) defines cyber hygiene as a means to appropriately protect and maintain our IT systems and devices and implement cyber security best practices. Without clear assessments and interventions hackers will have an easy in through unpatched and outdated solutions, and yet to be identified security gaps in newer technologies.
Top Cyber Hygiene Practices to Adopt in 2019
- Become familiar with industry-accepted cyber risk management frameworks like the National Institute of Standards and Technology (NIST CSF) and GoldSky Security’s DREAMSecure℠ platform for small businesses.
- Perform annual security risk assessments. It is required in many industries.
- Perform monthly security awareness training. CSOonline provides great content and its free.
- Leverage multi-factor authentication whenever possible.
- Disable applications no longer in use. They are an open door for vulnerabilities.
- Consistently back up data. Use a secure cloud solution in addition to on premise.
- Be vigilant about patching applications regularly. Unpatched systems are great attack vectors.
- Implement complex passwords. Use pass phrases.
- Limit users with admin privileges.
- Upgrade aging infrastructure and systems.
- Implement endpoint protection using a white list solution.
The Digital Age has come upon us so fast that a majority of the global population is still uneducated about how to implement basic cyber hygiene practices. Unfortunately, even with the best protection there are no guarantees that we won’t become the victim of a ransomware attack, data breach, or other cybersecurity threat.
That said, cybercriminals tend to focus on soft targets with no signs of security controls in place. It’s like a criminal walking through a neighborhood looking for the houses to rob where they see no ADT Security signs or hear any barking dogs in the house. Cybercriminals utilize various tool kits found on the Dark Web that allow them to perform a similar process in cyberspace.
By adopting a New Year’s resolution to implement basic cyber hygiene practices, you will most likely be passed over as the growing number of cybercriminals hunt through the world wide web in search of the overwhelming amount of vulnerable digital footprints they consider to be low-hanging fruit. Encouraging news for those of us who decide to take action!
Wishing all a safe and prosperous new year!