16 Tips for Cybersecurity Awareness Month
In case you haven’t heard, October is National Cybersecurity Awareness Month!
Perhaps you’ve already checked out some tips and best practices to help keep you more secure. If you haven’t, not to worry as we have you covered with a roundup of tips and resources from our experts. If you have, you might find additional valuable cybersecurity awareness info below!
Why Cybersecurity Awareness Month is Important
Cybersecurity has become the responsibility of everyone in both their professional and personal lives. Between smartphones, IoT/smart devices, social media, and other technology, we’ve never been more interconnected or had more information about us available to prying eyes around the globe.
In the first six months of 2019 alone, over 4 billion records have been exposed across more than 3,800 data breaches. That figure doesn’t include data breaches or record losses that weren’t publicly reported or from data breaches that haven’t been detected yet.
According to the Ponemon Institute, it takes 197 days on average to detect a data breach – which means if any of the companies surveyed for that study at the beginning of the year were infected on January 1st, they may not have have known about it in the first six months of this year - this is a terrifying thought.
That’s why it’s so important to take a step back each October (if not more frequently) to evaluate the information about yourself, your business, and your clients that is out there in the world, and what you’re doing to protect it.
Cybersecurity Tips from Our Experts
How do you prevent your company or even yourself from becoming one of these statistics? Start by taking to heart these cybersecurity tips and best practices.
“Always lock your computer when you walk away from it. A great way for people to gain access to things they shouldn’t is just to walk around and see who’s left their computer unlocked. They don’t need to break your password or anything else to compromise PII (personal identifiable information), company secrets or to drop a malicious payload on the network. The quickest way to lock your PC is to hold down the ‘Windows’ key and press the ‘L’ key.”
– Tim Colby, Senior Systems Engineer
“Everyone should use OpenDNS / Cisco Umbrella to verify all DNS requests. It is another layer of security for your system. Nearly all anti-virus or anti-malware products must inspect inbound content to determine whether it is ‘friendly’ or ‘hostile’. Why should you allow the request to be fulfilled in the first place just so a subjective decision can be made on the content? Just block it at the DNS resolution point. This can be a paid service (with reporting) or available to anyone free of charge just by setting your DNS settings to 220.127.116.11 and 18.104.22.168. An ounce of prevention is worth a pound of cure!”
– Andrew Tyler, Senior Consulting Engineer
“Take a little time each day or each week to stay current on cybersecurity happenings – types of attacks, tips and tricks, anything to make yourself more aware of the threats present, the technologies used to control those threats, and how you can be part of the solution to combatting cybersecurity threats on a regular basis.”
– Patty Luxton, VP, Engineering Services
Systems Engineer Tushar Dadarwala and Network Engineer Suggatul Alam collectively provided the following list of additional cybersecurity best practices and tips to keep in mind:
- Stop data loss by implementing access control measures
- Consider using the principle of least privilege
- Monitor third-party access to your data
- Utilize multi-factor authentication (MFA) when available
- Consider using biometric factors as part of that MFA validation
- Mange the detection of insider threats and unauthorized behavior
- Back up your data
- Educate employees on cybersecurity awareness
- Train employees on how to spot social engineering attempts and what to do about them
- Keep your systems and software updated
- Maintain compliance with regulations such as HIPPA, PCI, etc.
- Create an incident response playbook
“No matter how well you follow best practices, you still may get breached. In fact, nearly half of organizations suffered a security incident in the past year. If you do, having a response plan laid out ahead of time will allow you to close any vulnerabilities, limit the damage of a breach, and allow you to remediate quickly and effectively.”
– Tushar Dadarwala, Systems Engineer
Suggatul and Project Manager Tom Carusone also stressed the importance of following password best practices. A deeper dive into password tips including proper password length/complexity, using unique passwords for each account, and more can be found here.
Free Cybersecurity Resources
To Patty’s tip above, one component of cybersecurity awareness and being cybersecure is staying up to date on cybersecurity trends and best practices. I’d even build on that by saying that having a wealth of cybersecurity resources in your cybersecurity “tool box” is yet another component.
We’ve compiled some of our top free cybersecurity resources to help you evaluate and improve the state of cybersecurity in your organization:
This is our most popular eBook and features even more practical tips for improving your company’s cybersecurity that you can start implementing right away. It also has guidance as to why developing a robust cybersecurity posture is important for the future of your company (if this post hasn’t fully convinced you yet) and defines the most important pieces of a robust cybersecurity posture.
If you’ve got two minutes, these 10 questions will give you a high-level idea of how cybersecure your company is based on things like how integrated cybersecurity is at your company, if you conduct cybersecurity audits, and more. You’ll get a grade at the end of the quiz and some next steps you can take based on your answers.
This downloadable PDF is a more in-depth version of the interactive quiz. This potentially eye-opening checklist covers 21 cybersecurity considerations across areas such as your business strategy, the state of cybersecurity at your company, your cyber risk profile, device access policies, and how you protect your digital assets. Use this checklist as a jumping-off point as to where you can start making cybersecurity improvements or to get a bit more granular picture of where your cybersecurity is today.
You’re Now A Bit More Cybersecurity Aware
Just by taking the time to read this post you’ve shown that you’re doing your due diligence to stay on top of the latest cybersecurity trends, tips, and best practices to make your organization more cybersecure and that’s a great step to take!
Hopefully these tips and resources can help your organization on its way to a more secure tomorrow. If you feel you’d like to do something with more of a bang, consider our no-cost Security Study.
If your organization is in Connecticut, Massachusetts, or Rhode Island, you can take a customized, 3-step deep dive into the state of your cybersecurity and come out with prioritized, actionable insights into how you can go about improving your organizations cybersecurity.
Hope you’ve had a great Cybersecurity Awareness Month and here’s hoping for a safe and secure rest of 2019!