It’s October which means it’s Cyber Security Awareness Month, a global initiative designed to educate the public about the importance of cyber security and provide tips to stay safe online.
With the constant evolution of the digital landscape, understanding how to protect yourself and your data has never been more crucial. This blog post aims to highlight the main topics of the month, such as the importance of Passwords, Multifactor Authentication, Phishing, Social Engineering and the importance of keeping your software updated.
What is Cyber Security Awareness Month?
Cyber Security Awareness Month was launched back in 2004 by the National Cyber Security Alliance and the U.S. Department of Homeland Security. The month-long initiative aims to raise awareness about the importance of cyber security and promote safer practices across all internet users. Throughout October, organisations and experts engage in a variety of educational activities and campaigns to empower individuals to take control of their online safety. Throughout the month Integrity360 will be publishing blogs covering the month’s main topics.
The Importance of Strong Passwords
One of the main points of focus in this year’s Cyber Security Awareness Month is the importance of passwords.
Weak passwords are like low-hanging fruit for cybercriminals. If your password is simple or easy to guess, you're practically handing over the keys to your digital kingdom. Strong passwords should be a mix of upper and lower case letters, numbers, and special symbols. Aim for at least 12 characters in length.
Quick Tips for Creating Strong Passwords
- Avoid Personal Information: Don't use easily available information such as your name, birthday, or username.
- Use a Phrase: A sentence or a memorable phrase can make a strong and unique password.
- Randomise: Use a random password generator for optimum strength.
Password Managers
What Are Password Managers?
Remembering multiple strong passwords can be a headache. Enter password managers, software that securely stores and manages your passwords. They can also generate strong, unique passwords for each of your accounts.
Why Use a Password Manager?
- Convenience: One master password grants you access to all your stored passwords.
- Security: Encrypted storage ensures that your passwords are kept secure.
- Consistency: It encourages the use of strong, unique passwords for all accounts.
Multifactor Authentication (MFA)
How Does MFA Work?
MFA adds an extra layer of security by requiring two or more verification methods: something you know (password), something you have (a phone), or something you are (fingerprint).
Advantages of MFA
- Extra Security: Even if someone guesses your password, they would still need the second factor to gain access.
- Ease of Use: Usually, it’s as simple as receiving a text with a verification code.
Recognising and Reporting Phishing Attacks
Spotting Phishing Attempts
Phishing attacks often come disguised as emails or messages from trusted entities. Be wary of unsolicited communications asking for personal information.
Read more about Phishing and how to reduce the risks HERE
How to spot and report Phishing
- Does the email appear legitimate or is it trying to mimic someone you know?
- A hacker can ascertain your connections via social media profiles so make sure to check your privacy settings.
- If something appears too good to be true, then it is. If someone claims to be offering you money or a prize over the internet then run for the hills, chances are they are a scammer. Remember, there is no such thing as a free lunch.
- Check for spelling and grammatical errors.
- As many phishing emails are sent from overseas, they often contain spelling mistakes, poor punctuation and grammar. Sometimes a scammer will deliberately include these to see if you will respond regardless. If you do, then you will be marked as an easy target for future scams.
The email is poorly written.
- Flag as Spam: Mark the email as spam in your email client.
- Alert Your Network: Inform your contacts to prevent the spread of phishing attacks.
Social Engineering
Research shows that 98% of cyber-attacks rely on social engineering, and the most common type of social engineering attempts are phishing attacks, which most organisations are woefully underprepared to address.
As phishers’ tactics evolve, so should your business’ ability to detect and defend against them. Contact an Integrity360 advisor to learn more.
Importance of Updating Software
Why Regular Updates are Crucial
Outdated software is a goldmine for cybercriminals. Software updates often contain patches for security vulnerabilities that could be exploited.
Best Practices for Software Updates
- Enable Auto-Updates: Whenever possible, set your software to update automatically.
- Stay Informed: Follow the software vendors for updates and news on security patches.
- Use Integrity360’s Threat and Vulnerability Management Service
Use Cyber Security Awareness Month to ensure you and your employees are up to the task of keeping the hackers at bay.
As hacker tactics evolve, so should your business’ ability to detect and defend against them. Contact an Integrity360 advisor to learn more.