October is Cybersecurity Awareness Month, an international initiative highlighting actions everyone can take to stay safe online. Every year, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) create resources for individuals and organizations to protect themselves from cybersecurity threats. Annual resources may sound like the process is complicated, especially with the prominence of AI. However, long-standing cybersecurity basics remain some of the most effective tools today.
Below are four actions anyone can take this month to improve cybersecurity and two additional actions specific to businesses.
1. Use a Password Manager – Using password managers allows you to maintain good password hygiene without memorizing multiple long, complex passwords. This convenience significantly reduces the cognitive load, making it a more manageable task.
Did You Know: About a third of survey respondents began using a password manager after receiving cyber training.
2. Turn on Multifactor Authentication (MFA) – Enabling MFA on accounts provides an additional layer of security, offering a sense of protection even if your username and password are compromised in a cyberattack. This added security measure ensures that your account remains safe, even in the event of a breach.
3. Update Your Software – Stop clicking “Remind Me Later” when software updates pop up. Software developers are constantly looking for weaknesses in their systems to head off cybercriminals, even when they’ve never been breached before. When they find perceived vulnerabilities, upstanding software developers release updates to fix them for everyone. When you update, you ensure you have the latest protections.
Did You Know: Only 36% of people always install software updates when they become available.
4. Recognize Phishing Attempts – Phishing attacks remain one of the most effective ways for cybercriminals to gain access to a victim’s information or systems. A simple link clink can compromise your information or install malware. The NCA has quick tips on how to spot a phishing email:
- Does it contain an offer that’s too good to be true?
- Does it include language that’s urgent, alarming or threatening?
- Is it poorly crafted writing riddled with misspellings and bad grammar?
- Is the greeting ambiguous or very generic?
- Does it include requests to send personal information?
- Does it stress an urgency to click on an unfamiliar hyperlink or attachment?
- Is it a strange or abrupt business request?
- Does the sender’s e-mail address match the company it’s coming from? Look for little misspellings like pavpal.com or anazon.com.
5. Businesses: Conduct Regular Employee Security Training – Regular security training sessions that include simulated tabletop exercises are essential in helping employees from all departments understand their role in the security lifecycle. Confident, informed employees contribute to security hygiene practices that embolden the overall security posture of the infrastructure. Moreover, good security practices should be incentivized by whatever means possible, as it always encourages good security practices with a positive tone.
6. Businesses: Back Up Your Data – Regular automated and encrypted isolated backups of organizational data are critical. This comprehensive backup strategy ensures that even if a business falls victim to ransomware or experiences data loss due to hardware failure or human error, it can quickly recover its essential information and minimize downtime.
Anyone can and should take these actions to boost their safety online. Cybersecurity Awareness Month is a good time to take stock of your vulnerabilities and updates, but remember that cybersecurity is a year-round issue. If your enterprise is looking for more in-depth, streamlined cybersecurity solutions or needs assistance planning for the future, please reach out to us.