NetworkTigers approves of cybersecurity awareness month.
Cybersecurity Awareness Month is a time to acknowledge and understand the dynamic and critical nature of maintaining robust digital defenses.
Officially started in 2004 by the US Department of Homeland Security and the National Cybersecurity Alliance, Cybersecurity Awareness Month’s goal is to teach Americans how to take a proactive approach to internet safety. As the years have gone by, Cybersecurity Awareness Month has grown in both scope and visibility, with individuals, businesses, and educational institutions doing their part to get people involved and encourage them to take a hard look at their online activity.
“See Yourself in Cyber”
In previous years, October was broken into four weeks, each prioritizing a specific cybersecurity topic. However, this year, the month’s theme is “See Yourself in Cyber.”
With so many large-scale breaches and cyberattacks resulting from human error and social engineering as opposed to advanced hacking, organizers are boiling the issue down to the basics and reminding people that we all stand on the frontlines of cybersecurity, whether we realize it or not.
The intent behind this theme is to simplify the idea of security so that it becomes less of an impenetrable subject and more about best practices and safe individual habits.
This year’s Cybersecurity Awareness Month is spotlighting four foundational actions:
- Enable Multi-Factor Authentication
- Use Strong Passwords
- Recognize and Report Phishing
- Update Your Software
While breaches of financial institutions and monolithic corporations can feel abstract and out of the average person’s control, such intrusions are often caused by at least one of these tenets not being followed.
Enable Multi-Factor Authentication
Hackers, like most criminals, are opportunists. The more obstacles placed between them and their goal, the more likely they will move on in search of an easier target.
Previously, signing in to platforms, apps or accounts would require a username and password. However, these credentials can be accessible for a hacker to input, thanks to automated password cracking tools and databases of public information that can be scraped from the internet and used to guess usernames.
Multi-factor authentication (MFA) adds more steps to the login process. This can be as simple as a PIN or as advanced as a fingerprint or facial scan.
The most common MFA technique asks you to permit a secondary device, such as your phone or tablet.
With MFA in place, even if a hacker has correctly guessed your username and password, they cannot breach your account unless they are also in possession of the device you have associated with it. Additionally, you know if they are making an effort when you receive a prompt to grant access to an account you did not try to access.
Like all cybersecurity practices, MFA is not entirely impenetrable. However, the average hacker does not have the skillset or the patience to continue their takeover when faced with this barrier.
Use strong passwords
No matter whether people know it’s unwise, they continue to use passwords that are easy to guess, paying little attention to this critical security component. This year’s Cybersecurity Awareness Month seeks to remedy that.
Given that we live in a world awash with login credentials, it’s understandable that most prefer something easy to remember and, in many cases, even commit the cardinal sin of using the same password across multiple accounts.
A strong password is impossible to guess. It should contain no references to pets, family members, business, favorite sports team, or any other words or numbers associated with your personal information.
The first component of a strong password is length. Most experts agree that anything less than 12 characters long is not optimal. Each additional character makes your password exponentially harder to guess, so don’t skimp!
You also want to combine capitalized and lowercase letters, numbers, and symbols.
There are several password generators online that you can use to create completely random strings of characters with no ties to your life or hobbies.
Never share your passwords. Do not write them down on sticky notes where they can be lost, stolen, or photographed.
With so many random passwords, it is challenging to memorize them all. Thankfully, reputable password manager accounts allow you to store your credentials safely. Do your research carefully to select a manager with a reputation for tight security.
Recognize and report phishing
Phishing has always been a hugely popular tactic among hackers. While the days of Nigerian princes and fraudulent scam emails aren’t in the rearview yet, many of today’s phishing campaigns are so sophisticated and well designed that they can be nearly impossible to spot. With drag-and-drop services and dark web platforms making it easy for someone with no hacking experience to launch an attack, it’s no wonder this tried and true methodology remains a persistent cybersecurity threat.
All it takes is one click on a malicious link to bring an entire organization to its knees, so people must raise their awareness of the dangers potentially lurking in their inboxes.
Cybercriminals are continually evolving their strategies to keep pace with people’s knowledge. They know how to prey upon those they feel most likely to open an explosive email casually. While there are some consistent things to remember when spotting a phishing attempt, regularly updated education is the best defense against such an attack.
In keeping with the month’s purpose, awareness is key to preventing a phishing attack.
Update your software
This year’s Cybersecurity Awareness Month sheds light on the fact that modern lives are packed with software. From the operating system on your phone to the inner workings of your smart TV or game console, these complex electronics enrich our lives and provide criminals with how to affect them.
Software that is not regularly updated is often full of vulnerabilities that hackers can exploit for nefarious purposes. People tend to neglect regular updates, so criminals constantly scan for unpatched programs and platforms.
The best way to keep your systems locked down is to employ automatic updates. This way, your software is refreshed as soon as a developer pushes out a new patch or modification. This gives you peace of mind while not requiring you to actively check and monitor all of your software. In turn, developers are always bolstering their products’ security by rolling out regular defensive updates.
However, automatic updates are not standard across all programs, so due diligence is required in some cases. For software that does not update on its own, check weekly with the publisher to see if any updates have been issued. Download and install accordingly.
Cybersecurity Awareness Month starts with everyone
Cybersecurity is challenging to achieve. Not only due to its perceived complexity but also because all it takes is one lapse by an individual to invalidate the efforts made by hundreds or thousands of others. Because of this, it’s essential to understand that online safety is a team effort.
This year’s theme acknowledges that cybersecurity may feel exclusive to coding, software, algorithms, and viruses, but it’s really about people. The only way to strengthen security across the board is to create a grassroots understanding of its basics and instill the simple truth that we are all in this together.
Check out the National Cybersecurity Alliance official website for more information about Cybersecurity Awareness Month.