Cybersecurity Awareness Month 2022 See Yourself in Cyber Happy Cybersecurity Awareness Month! Every October, organizations like the National Cybersecurity Alliance (NCA) and the Cybersecurity & Infrastructure Security Agency (CISA) create awareness campaigns to help people in all walks of life develop a better understanding of cybersecurity risk and skills that will help stop cybercrime. This year’s theme, See Yourself In Cyber, emphasizes that we all play a role in making our online activity, and the online resources that people create and use, safer and less vulnerable to criminals. Here at PlexTrac, we work hard to be part of the cybersecurity solution for ourselves and our clients every day of the year, not just in October. As an NCA Champion Organization for 2022, we are committed to educating others about how they can achieve a better cybersecurity stance and to putting these practices into use on a personal and a company level. Check out how PlexTrac is helping cybersecurity professionals increase their effectiveness and efficiency every day so they can keep winning the right cybersecurity battles. So, how can you “See Yourself in Cyber”? Seeing Yourself in Cyber as an Individual With most people in the U.S., more and more aspects of our lives are tied to online activity. While this trend has been in effect for a while, the Covid pandemic has accelerated the push to move work, shopping, banking, entertainment, health, and other areas of our lives wholly online. And while these changes have resulted in greater ease and convenience, they have also opened us all to new and intimidating risks. Criminals, intent on gaining access to your information and devices, are creating increasingly sophisticated methods for breaking down your defenses. From convincing phishing messages to ransomware, and attacks on everything from your PC to your web-connected vacuum, cybercriminals will try and test just about any access point in your online life to get what they want. But you don’t have to stand by helplessly while these criminals storm your metaphorical castle gates. There are some ways that you can make yourself and your family safer. Enable Multi-Factor Authentication (MFA) Multi-Factor Authentication (MFA), also known as two-step verification, provides an easy and effective additional layer of security for online accounts and devices. Instead of only using your username and password, two items that cybercriminals have the ability to gain via a hack, MFA requires something extra from you — a texted one-time code, a PIN number, your scanned fingerprint or face, an answer to a security question, a texted code — to make sure that you are who your username and password say you are. If any of your devices or online accounts offer MFA, activate that option! Your accounts, and your sensitive information, will be all the safer because of it. Use Strong Passwords and a Password Manager Gone are the days when you could use a password like “Password123” or the default password given to you when you first set up an account. Cybercriminals have the ability to rapidly test thousands of passwords during an attempted hack on your accounts, and if your passwords happen to be weak, then they offer no security at all. The best passwords tend to meet certain criteria: They contain 12 or more characters They contain a variety of elements, like capital and lowercase letters, numbers, and special characters (like ^ or !) They are completely unique, meaning that you do not have 2 or more accounts with the same password And if you’re overwhelmed at the thought of all of these long, complex passwords for your hundreds of accounts (or even if you’re not), you’d be wise to use a password manager. Pick one that offers multi-factor authentication, encryption, password risk rankings, zero knowledge, and other security features that ensure that you and only you can access your passwords. Update Your Software The majority of software on your devices will need updating now and then — not just for working with updated operating systems or offering new features, but also for security reasons. The software makers, if they’re doing their jobs, are constantly analyzing their software for weaknesses, and an update could contain a vital security patch. Make sure you’re updating your software often (set up automatic updates, if possible), but keep an eye out for fake update pop-up windows that trick you into downloading malware — get the update from within the software to be safe. Recognize and Report Phishing Dark ReadingDarkreading.com recently reported that 83 percent of businesses suffered a successful email-based phishing attack in 2021. With workers facing a near-continuous onslaught of emails every day, it can be so easy to click on the wrong link. Fortunately, a few extra seconds of review and thought can save you and your company a lot of hassle. Take a moment to ·Check the text and sender’s email address for spelling mistakes ·Ask yourself if the message’s offer or request rings true. Is it unrealistically urgent, too good to be true, unusual, threatening, or overly generic or vague? If you’re not sure, play it safe and forward it to your IT team without clicking the link. See Yourself in Cyber as a Future Cybersecurity Expert You only need to watch the news to understand the nation’s need for a strong cybersecurity force. Individuals, companies, utilities, power plans, and military targets face hacking threats from foreign powers, organized crime organizations, and opportunistic criminals. Considering a career change? The United States is in serious need of cybersecurity specialists. According to CyberSeek, the demand for cybersecurity workers is accelerating rapidly, with over 700K job openings posted within the last 12 months. Careers in cybersecurity pay well, offer a wide range of challenges and opportunities for growth, and will be in great demand for years to come. Check out PlexTrac’s handy guide, How to Get Into the Cybersecurity Industry, to learn more. See Yourself in Cyber as a Cybersecurity Partner in Industry Current cybersecurity workers, regardless of the industry they’re working in, can help their employers and fellow employees strengthen their cybersecurity posture. Given the constant threats that your company will face, there are plenty of ways beyond the initial employee training and phishing reminder emails to keep your company safe. Keep the Conversation Going You’re shooting yourself in the foot if you think that a 15-minute orientation is sufficient to educate your coworkers on cybersecurity strategy. How much do you remember from your orientation day? There are plenty of ways to keep your coworkers engaged and aware of threats. Send brief and clear messages on a regular schedule about new threats, breaches, and tips. Offer educational sessions over the lunch hour. Conduct phishing tests, and follow up with the employees that fell for your bait. Find out the best way to get your coworkers’ attention, and use that to remind them of their role in keeping your systems safe. Check out PlexTrac’s white paper The Pillars to Establishing a Successful Security Program for more insight into supporting employees in adopting cybersecurity best practices. Stay On Top of Things The threats your company faces are continually shifting. An initial safeguard setup might work for a while, but as criminals and their tools become more sophisticated, so should your strategy. Sign up for security alerts, join cybersecurity industry organizations, get yourself and your team the training and education they need, and do whatever else you need to do to put yourself in the best position to protect your employer. Build a Strong Foundation Are you involved in creating new systems or programs? Your attention to the initial setup may mean the difference between a secure system and a breached system — don’t skimp on the security precautions when you’re building something, even if it takes you more time on the outset. It may cost you and your team some extra hours, but it may save you days (or weeks) of work farther down the road. Be Like PlexTrac, Be a Part of the Solution Here at PlexTrac, we devote ourselves to helping others improve their security posture. Hundreds of our clients, and their own customers, use PlexTrac as a crucial tool to detect, report, and correct security flaws in their systems. Whether you want to improve the security posture of your household, company, or nation, every one of us can do our parts to reduce cybercrime and build a safer world, online and offline.
Vulnerability Assessment vs Penetration Testing: Understanding the Key Differences Vulnerability Assessment vs Penetration Testing READ ARTICLE
Unlocking Continuous Threat Exposure Management: New Features for Prioritizing Remediation Based on Business Impact The evolution of product security READ ARTICLE