October is National Cyber Security Awareness Month (NCSAM). The United States has observed NCSAM each October since 2004 in an effort to encourage vigilance and protection by all computer users against cyber threats – one of the gravest national security dangers faced by this country. Cybersecurity is our shared responsibility. Here are a few things you should do to become more Cyber Aware this October:
1. Learn the Basic Steps to Online Safety.
Staying safe and secure begins with basic PC hygiene. Keep your antivirus and antimalware software current. Make sure your operating system, web browser, and software applications are updated as new patches and versions are released. Software developers issue updates not simply to add functionality. These updates also address vulnerabilities that can be exploited by hackers looking to attack your systems.
Secure your accounts with strong passwords. Combine capital and lower case letters with numbers and symbols to create a more secure password. To further strengthen the password, include unrelated words to create unique passphrases. As tempting as I know it is, do not use the same password across multiple accounts. Using separate passwords for every account helps to thwart cybercriminals. Finally, enable two-factor authentication when possible. You’ve likely seen two-factor authentication in your social media accounts and online banking account. Sites that employ two-factor authentication require you to supply an additional piece of information along with your user name and password before granting you access to your account.
2. Create a Culture of Cyber Security in Your Workplace.
Your employees are the single weakest link in the security of your corporate network. It’s imperative that you train staff to be aware of online security risks so that they become better informed about the consequences of their actions online.
Review your company’s acceptable use policy as part of your new employee onboarding process. Educate your employees about best practices with regard to internet safety and security. Include training about email scams and phishing attacks. Also teach your employees what types of information you deem to be sensitive and how to properly handle the disclosure of that sensitive business information to others.
The National Cyber Security Alliance offers free resources to get you started with your training. Access their materials at www.staysafeonline.org.
3. Strengthen Your “Apptitude.”
Smart cities, connected devices, smart cars and smart homes are becoming a reality. We have quickly advanced into a world where there is an app for everything and connectivity is a click away.
Get savvy about Wi‐Fi hotspots. Sure, free Wi-Fi is convenient when you are working outside the office, but taking advantage is also risky. It is possible for a hacker to access unsecured devices on these networks. If this occurs, the hacker can access all the information you transmit from your computer while its connected to that hotspot (such as sensitive emails, banking information, or credit card information.) If you must connect, restrict your activity to casual web browsing. Better yet, use a VPN connection to secure your laptop and its activity.
Be aware of the applications you install on your mobile devices. Research apps to determine if they are safe before downloading them. Be mindful of what information you are allowing the app to access before accepting terms and permissions. Turn geolocation and GPS off when these functions are not needed. Lastly, never ever root or jailbreak your mobile device. Doing so makes them much more susceptible to malicious software.
4. Recognize and Combat Cybercrime.
Fighting cybercrime requires a collaboration of law enforcement, government agencies, private sector employers, and the general public. Malicious links in email, social media posts and phony websites are often the way cybercriminals compromise your computer, and it is easy to fall victim.
If you do fall victim to an online scam, report it. Reports regarding stolen finances, identities and cybercrime should be filed with the Internet Crime Complaint Center and the Federal Trade Commission.
5. Commit to Learn Something New This Month.
The frequency and severity of cyber security events are on the rise. The consequence of a cyber security incident can include financial loss, loss of proprietary data, and damage to your company’s reputation. Can you really afford not to be involved in the management of those risks?
Paducah Economic Development will be hosting a free seminar for our local business community on Tuesday, October 11th as part of National Cyber Security Awareness Month. The session, entitled Are You Cyber Aware? A Proactive Approach to Cyber Security for Small and Mid-Sized Businesses, will take place at 9 a.m. on that date at the Paducah Commerce Center located at 300 South 3rd Street in Paducah. To register, contact Will McDowell at (270) 575-6633 or by email. In addition to presenting at this event, I will be sharing security tips throughout the month on Kalleo’s social networking sites. Access them on Facebook and Twitter.