Since 2004, October has been designated as Cybersecurity Awareness Month as a way to help keep Americans safer online.
With the growth of technology and the internet, cyberattacks have skyrocketed this century and continue to go up. In 2005, there were 157 million cataloged data breaches, and in 2019, that number had grown to 1,473 million.
Highlighting ways to improve IT security and focusing intently on it at least once per year, is a much-needed reminder for companies and individuals of the best practices that could help keep them safe from a costly data breach or malware attack.
According to the Sophos 2021 Threat Report, the root cause responsible for many of the most devastating attacks seen is, “A lack of attention to one or more aspects of basic security hygiene.”
The theme of Cybersecurity Awareness Month is “Do Your Part. #BeCyberSmart.” We’ll go over several tips below to help you do that.
Ways to Improve Your Cybersecurity
Secure Your Wireless Routers
Wireless routers provide convenient broadband signals without all the wires, but they also offer a way for hackers to get into your network.
It’s important to apply router safeguards, which include:
- Changing the default username and password as soon as you set it up
- Using a strong password
- Checking your router for security updates regularly
- Using a VPN if you are on a public Wi-Fi
Use Antivirus/Anti-Malware on Mobile Devices
Antivirus software is available for mobile devices, which are an easy, common target for hackers and other bad actors. Far too many smartphone users don’t realize that these devices need to have antivirus protection too, just like computers.
Download a reliable antivirus/anti-malware application for your smartphone and protect it from online attacks.
Use Multi-Factor Authentication (MFA)
The use of MFA is one of the best ways to protect online accounts from being compromised. It’s vital to have this in place on all your accounts because of the increase in credential theft.
In 2020, compromised credentials became the most common initial attack vector and were responsible for 20% of all data breaches.
Limit What You Share on Social Media
Targeted phishing attacks that use personal information are often easier for employees to fall for. The fact that the sender knows certain things like their company or title lends an air of legitimacy that can trick even careful employees.
Criminals often get these details from social media. Things that seem random, like where you grabbed your coffee this morning or the fact that you just closed a big deal with XYZ company, might seem innocent. But these details are nuggets of gold to a phishing attacker.
Be very careful about the personal details you post on social media, stay away from locations and names of people, schools, companies, retailers that you frequent.
Be Careful About the Apps You Download
There is an app for just about everything these days and some of them can seem very innocent, such as a map of hummingbird migration patterns or a calorie calculator. But benign apps from unknown developers can be masking spyware or another type of malware.
Even legitimate apps can be sharing more of our data with unknown parties than we realize. Such as your location, the things that you purchase, and more.
Only download apps from reliable sources. Even if an app is on the app store, if it’s from an unknown developer, do an online search first to ensure it doesn’t have a security issue.
For existing apps, be sure to research privacy policies and put them on the most restrictive data sharing settings. For example, don’t turn on location services unless you absolutely have to for the function of the app.
Phight the Phish
One of the weekly themes of Cybersecurity Awareness Month is “Phight the Phish” Phishing remains the #1 method of attack for all types of breaches from credential theft to ransomware attacks.
It’s important to take a multi-pronged approach when fighting the onslaught of phishing emails (which is about to get worse due to a large dump of scraped email addresses from LinkedIn).
Some of the best practices to avoid being a phishing victim include:
- Don’t react to an email from emotion or urgency (these are tactics scammers use)
- Hover over hyperlinks before clicking to reveal the true URL
- Use a DNS filter to block malicious sites if you accidentally click a phishing link
- Use email filtering to reduce the number of phishing and spam emails in your inbox
Learn more about Cybersecurity Awareness Month and find free resources here.
Get Help Improving Your Company’s Cybersecurity Best Practices
It’s often just a lack of common best practices that are responsible for a devastating cyberattack. Contact Rocky Knoll Technologies today to schedule an IT security review to ensure your team is adopting tactics to keep your network and data protected.
Call 704.594.7292 or reach us online.