Cybersecurity Awareness Month is an effort to encourage individuals, businesses, and institutions to adopt good cyber practices to make our online world more secure and safe for everyone.
The world has never been more connected when it comes to technology than it is today, with blurred lines between our online and offline lives and the promise of more complexity yet to come; that’s why cybersecurity matters.
The average person may claim a decent grasp on cybersecurity and excellent cyber-hygiene practices, but the proof is in the pudding.
Cybersecurity refers to the measures that we take protect ourselves on the internet from unauthorized access or attacks.
This annual campaign, and particularly this year’s theme, ‘Do your Part! Be Cyber smart, aims at helping foster proper cybersecurity habits. It also reminds us that better cybersecurity is a collective responsibility and that by adopting better cybersecurity habits in our work and personal lives we are giving cybercriminals less of a chance, thus reducing our threat landscape.
The interwoven nature of technology into our personal lives means that the implication of cyber-attacks is increasingly felt. For example, the worst-case scenario for the most prevalent poor habit – sharing passwords or recycling passwords may have far reaching consequences in the hands of a bad actor. This includes anything from access to your online accounts and thus your private data potentially committing identity fraud, cleaning you out, damaging your reputation and credit, impacting you and your loved ones and that’s just on a good day.
The consequences of lax cybersecurity habits in the work environment cannot be downplayed either as they can affect thousands and, in some cases, even millions of people. This is especially true for businesses who are part of critical infrastructure such as financial institutions, healthcare services etc. where a pilfered password may allow a bad actor get a foothold in the system and shut it down with ransomware or as in the case of British Airways, where a weakness in their website allowed attackers to make off with the personal data and credit card information of millions of passengers who are still feeling the effects to date.
So how do we become Cyber smart? The key lies in going back to basics to get it right.
Password Hygiene: When it comes to passwords, one should definitely opt for a unique, difficult to guess and hard to crack passphrase rather than a simple password simply because you can remember it. If you’re the type of person who has passwords on password for multiple accounts, you’d probably do well to use a password manager, which will simplify the whole task of creating and memorizing passwords to remembering just one.
Multifactor authentication: Once you have battened down the hatches with your password you should also consider adding an extra layer of security to your accounts by adding multifactor authentication – which could be such as a One Time Pin (OTP) pushed via SMS minimizing the risk of a cyber attacker gaining access to an account if they know the username and password.
Secure your Devices: Never underestimate the power of securing your devices by keeping your software up to date by applying patches so that bad actors cannot take advantage of known problems or weaknesses and running up to date antivirus software
Be suspicious of suspicious emails: While technology can only take you so far, a big part of being a responsible netizen is to always keep your wits about you. Approach everything you see online, be it on social media or in your email with a healthy dose of skepticism. Be wary of clicking on any links or following any unexpected offers
Most Importantly
While this campaign runs just for a month Cybersecurity is a year-round affair. You should never let your guard down when it comes to applying your cybersecurity knowledge to all your internet interactions. From a professional perspective, IT professionals should ensure that cybersecurity awareness is a part of the organization’s training and awareness calendar to promote continued employee education about cybersecurity risks and provide reminders about cybersecurity vigilance.
