Day by Day organizations of all sizes are becoming victims of cyberattacks. Here are 7 easy steps you can employ to reduce your cybersecurity risk.
Organizations of all sizes are at risk for cybersecurity attacks and data leaks. This has only become more true especially in consideration of the recent increase in cybersecurity attacks across all industries and against businesses of all sizes.
In this article, our cybersecurity experts are sharing 7 easy tips to improve your cybersecurity posture.
7 Cybersecurity Mistakes You Are Likely Making
You assume you are not a target.
The cyberseucrity experts at Pentagon Cyber, Inc report that many business owners they talk to don't believe that their organization is a target for malicious hackers. This belief downplays the significance and potential damage that a cybersecurity incident could pose to their organization and leaves many gaps in their cyberseucrity posture. People and organization's who believe they are not a target of hackers become the "low hanging fruit" for malicious individuals online.
"People and organization's who believe they are not a target of hackers become the "low hanging fruit" for malicious individuals online."
The first step to securing your personal data is to recognize that everyone is at risk for a cybersecurity breach. Every person, entity, or organization no matter how big or small is always at risk for a cyberseucrity incident. Once you are aware of your own level of risk, you can begin to take steps to protect your data.
You are using out-of-date software.
In a recent article published, we discussed how Ukrainian hackers were able to interfere with Russian supply trains in Belarus. These hackers gained access to the Belarusian train systems largely because the train controls used Windows XP, an outdated Windows operating system. If modern, updated software had been employed then the Ukrainian hackers would have had more difficulty getting into the Belarus train networks.
It is important to ensure that all of your systems, from your phone to your desktop computer, are up to date and have updated anti-virus software. This will patch many of the holes that hackers and malware will use to get into your system. This simple step alone will do much to protect you and your organization.
You are using poor or compromised passwords.
Do you use the same or similar password for everything? When was the last time you changed your password for important accounts such as your bank, employee login, or other valuable programs? Do you use a password manager? These are all questions someone mindful of their cybersecurity posture should be asking.
Our cybersecurity experts recommend that strong passwords should be employed and changed every 3-6 months. Strong passwords should include combinations of capitol and lowercase numbers and letters with occasional symbols. Strong passwords should not be easy to guess, such as birthdates, pet names, "password" or "admin" passwords, etc.
"I love it when people who use password managers, they make my [ethical hacking] job very easy!"
Additionally, our team recommends avoiding a password manager program. Password manager programs actually increase risk of being hacked. This is because password manager programs are typically easy to break into and retrieve information from. Password managers also allow hackers who gains access to one account the ability to access all connected accounts.
Pentagon Cyber's President, Dr. Charlene Coon, was previously an ethical hacker for the FBI. In her experience password manager programs were one of the best ways for her to gain access to someone's network. Dr. Coon says, "I love it when people who use password managers, they make my [ethical hacking] job very easy!"
You leave your computer or phone unlocked when away from workstation.
Have you ever left your workstation to use the bathroom without locking your phone or computer? Leaving your computer unlocked and unattended can be one of the easiest ways for hackers to gain access to your network. It only takes a few moments for an unlocked, unattended device to become a vulnerability.
This is a common cybersecurity mistake in the office. Many coworkers feel that they can trust their coworkers around their computers and so leave it unlocked when stepping away. While most of your coworkers should rightfully be trusted, we must also note that according to an article published by techinjury.net 34% of businesses face insider data breaches yearly. A coworker who is causing an internal data breach can access your computer and blame the breach on you if you leave your computer unlocked and unattended.
You use public WiFi without a VPN.
Have you ever logged onto the public WiFi at your local coffee shop to get some work done? Of course, everyone has done this at some point. What is often not considered is how someone in the same room could steal personal information from your device if you are logged onto the same network.
A good way to protect your personal information from these hackers would be to use a VPN on your phone or device. A VPN will encrypt and hide information from others connected to the same network and protect you from data stealers.
You don't backup valuable data regularly.
Backing up your valuable information is an often overlooked but important cybersecurity procedure. Our cybersecurity experts recommend that you follow the 3-2-1 backup rule. The 3-2-1 backup rule is simple to follow, you have 3 backups of your important information on two forms of digital media and one off-site copy of your data.
So, for example, someone following the 3-2-1 rule will have their first backup on their desktop, a second on an external hard drive, and a third on an off-site backup such as cloud storage. This is extremely important because if your computer is infected with ransomware, the only way to recover your machine without paying the ransom is to have a backup you can roll your machine back to.
You are unaware of how to protect yourself current phishing or malware scams.
One of the best ways to protect your personal information is to stay informed! New phishing or malware scams pop-up frequently. It is important to be aware of what scams are out there and what you can do to protect yourself.
The Federal Trade Commission has part of their website dedicated to informing consumers about new and current malware and phishing scams. Follow the link to learn more about current scams going on right now. Remember, if something feels off about a website or email, follow your gut instinct and don't click on the link!
This chart from cipher.com shows the most common sources of cybersecurity incidents. Hacking, phishing, and malware are frequent causes of cybersecurity incidents. I find it interesting that the majority of these cybersecurity incidents can be prevented with training and education around good cyber-hygiene.
The cybersecurity experts at Pentagon Cyber, Inc. have the tools, talent, and training to help you team achieve success and avoid common cyberseucrity pitfalls. The cybersecurity experts are here to overview your organization's systems and look for gaps in your network security, train employees on proper cyber-hygiene, and help you develop healthy policies and procedures to prevent and respond to a cybersecurity incident.
Book your FREE initial cybersecurity consultation with one of our experts today using the link below.