October is National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month. Since the National Cybersecurity Alliance started this initiative in 2004, the number of devices connected to the internet and the amount of time we spend interacting online has increased exponentially. The impact on our lives is so massive that it’s become hard to imagine what life would be like without our devices.

However, when our devices connect to the internet, they connect our friends, colleagues, family, and tons of data – this comes with responsibilities and risks. This complex web sometimes results in us losing track of all our connected devices, which creates both opportunities and challenges for individuals and organizations across the globe.

Why Should You Care About Cybersecurity?

Digital devices, appliances, and wearables for healthcare, communication, security, and more store and share an incredible amount of data – including sensitive and private information. These devices communicate with servers and each other, potentially triggering other actions.

For example, the applications on your smartphone are constantly communicating with servers around the globe. Even your home’s smart thermostat is chatting away with distant data stores. While these devices add convenience to our lives, they also require us to share considerable amounts of information and access.

The security of these devices, and of the information they collect and use, cannot always be guaranteed. Once your device is connected to the internet, its potential vulnerability to all kinds of risks is increased. Risks like social engineering, ransomware, insider threats, cloud vulnerabilities, IoT security issues, AI-driven attacks, and poor cyber hygiene.

With more IoT devices entering our lives and workplaces every day, we all need to know how to secure our digital lives.

If You Connect, You Must Protect

We all connect our devices to the internet to make the most use of them. Some networks are well protected (home or office), while others may not be protected at all (public wi-fi). Any one of these networks could be the target of a hacker, putting us and our sensitive information at risk. Think of the many things we’re doing while connecting to these networks, the applications we’re using, and the information we’re accessing. Here are a few examples:

• Bank accounts
• Social media
• Online shopping and retail services
• Government services
• Health and medical services
• Corporate accounts
• Business applications
• Intellectual property

Any device that connects to the internet is vulnerable. The best defense is to keep device security software, web browsers, and operating systems up to date. However, to be secure, we must take active measures to keep ahead of the hidden traps and overt attacks that could compromise our security and privacy. Below are examples to be mindful of:

Update your privacy settings
Your Personal Information is like money. Be Cyber Smart about where you’re sharing it, who you’re sharing it with, and how it’s being used.

Stay protected while connected
Public wi-fi is not secure or safe. If you must connect, consider using a virtual private network (VPN) or a personal/mobile hotspot.

Use semi-open wi-fi networks instead of open wi-fi
Consider Wi-Fi that serves airport lounges or nearby coffee shops that have hidden SSIDs or put their passwords on receipts instead of giving them out freely.

Avoid confidential tasks on public Wi-Fi
When you connect to public Wi-Fi, it is best to NOT sign into accounts such as your credit card or bank. This is probably one of the easiest common-sense ways to share your information with the “bad guys” or cybercriminals.

Play “hard to get” with strangers
If you’re unsure who an email is from—even if the details appear accurate—do not respond, and do not click on any links or attachments. Not only could you compromise your own privacy, but you could put your friends at risk if you pass malware on to them with your next email.

Never click and tell
Cybercriminals love it when you overshare on social media – they can learn all about you! Be Cyber Smart and make it harder for them by avoiding posting real names, places you frequent, and home, school, or work locations. Share photos after your holidays and outings, not during. Be aware of who can view your social media profiles and consider making them private.

Keep tabs on your apps
Have rules for keeping tabs on Your Apps:

1. Delete apps you don’t need or no longer use.
2. Review app permissions. Say “No” to any that don’t make sense.
3. Avoid allowing apps to track your location or usage “always.”
4. Only download apps from trusted sources.

If you collect it, protect it
When it comes to passphrases, it’s best to mix it up and stay unique. Keep them fun and easy to remember, and don’t reuse them. Consider using a password protection service like Keeper, LastPass, or Dashlane.

Double your login protection
No matter how long and strong your passphrase is, a breach is always possible. Make it harder for cybercriminals to access your account by enabling multi-factor authentication.

Keep apps and software updated
Whether it’s your computer, smartphone, game console, or another network device, the best defense against viruses and malware is to update to the latest security software, web browser, and operating systems. If you can, sign up for automatic updates and protect your devices with anti-virus software.

App permissions
Many connected appliances and devices are supported by a mobile application. Your mobile device could be filled with apps running in the background or using default permissions you never realized you approved. They’re gathering your personal information without your knowledge while also putting your identity and privacy at risk. Check your app permissions settings and set privilege requests that don’t make sense to you to “No permission.”

Be selective on what you download
Only download apps from trusted vendors and sources.

Tips for IT teams

Cybersecurity awareness refers to the knowledge and understanding that individuals and organizations have about the potential threats and risks associated with using digital technologies and the internet. It involves being informed about the various types of cyber threats, such as phishing, malware, ransomware, and social engineering, and understanding how to protect against them.

Tips for cybersecurity awareness and protection include:

1. Recognizing Threats: Being able to identify suspicious activities, emails, or links that could lead to security breaches.

2. Safe Practices: Implementing best practices for password management, data protection, and secure browsing to minimize vulnerabilities.

3. Incident Response: Knowing how to respond to a cybersecurity incident, including reporting procedures, mitigation strategies, and utilizing efficient incident response software.

4. Data Backup and Recovery: Regularly back up critical data and test recovery procedures to ensure data can be restored in case of a breach or data loss.

5. Secure Remote Access: Implement secure remote access solutions, such as VPNs, to protect data and communications for remote workers.

6. Access Controls: Limit access to sensitive information based on user roles and responsibilities, and regularly review permissions to prevent unauthorized access.

7. Monitor and Audit: Continuously monitor network activity and conduct regular security audits to identify and address potential vulnerabilities.

8. Network Security: Use firewalls, intrusion detection systems, and encryption to protect network traffic and prevent unauthorized access.

9. Organizational Policies: Update and implement your organization’s cybersecurity policies and procedures to ensure a secure digital environment.

10. Continuous Education: Stay updated on the latest cybersecurity trends and threats while providing regular training and awareness programs to employees.

Cybersecurity awareness is crucial for preventing cyber attacks and ensuring the safety and security of digital assets.

We connect a lot of devices to a lot of networks. Be conscious of what you’re accessing, where you’re accessing it from, and what device you’re accessing it with. And remember, if you connect, you must protect.

For more information on staying safe and participating in Cybersecurity Awareness Month, please refer to the following links:

• Best Practices for Securing Your Home Network
• https://niccs.us-cert.gov/
• https://staysafeonline.org/programs/cybersecurity-awareness-month/