Put Your Defenses Up! It’s Cybersecurity Awareness Month!
19 years ago, the month of October was named Cybersecurity Awareness Month. This month is devoted to “helping individuals protect themselves online as threats to technology and confidential data become more commonplace” (cisa.gov). During the month of October, the Cybersecurity and Infrastructure Security Agency (CISA) AND National Cybersecurity Alliance (NCA) collaborates with government and private industries to raise awareness globally.
This year, CISA AND NCA are highlighting four key action steps to ensure security on all your devices:
Enable Multi-Factor Authentication
Use Strong Passwords
Update Your Software
Recognize and Reporting Phishing
Multi-factor Authentication (MFA)
Multi-factor Authentication is a tool that makes it harder for cybercriminals to gain access to your accounts. Either through a security question, access code/number, or a PIN verification, MFA makes sure that you’re you and gives your account an extra layer of protection. Always make sure to turn on MFA on every account that offers it.
Use Strong Passwords
Let’s be honest, Password1234 is not a good password. A password should be at least 12 characters, unique (that means that all of your accounts should have a different password), and complex by using a combination of upper and lower case letters as well as numbers and special characters (staysafeonline.org).
Did you know? “Contrary to popular belief, you do not need to constantly change your passwords. The National Institute of Standards and Technology recommends against frequent password changes in their Digital Identity Guidelines. Just remember to change your password if there is unauthorized access on your account or if it is part of a data breach” (staysafeonline.org).
Update Your Software
Be sure to update your devices as soon as possible. “These updates fix general software problems and provide new security patches where criminals might get in” (staysafeonline.org). It may be easier to set up automatic updates on your device if you have trouble remembering to update your devices. When you update your device, make sure you receive the update straight from the company. Do not download software from third-party sources.
Recognize and Reporting Phishing
“Phishing (pronounced: fishing) is an attack that attempts to steal your money, or your identity, by getting you to reveal personal information -- such as credit card numbers, bank information, or passwords -- on websites that pretend to be legitimate” (Microsoft). Here are a couple of ways to spot a phishing email:
Contains an offer that’s too good to be true
Language that’s urgent, alarming, or threatening
Poorly crafted writing with misspellings and bad grammar
Greetings that are ambiguous or very generic
For information on the ways to spot a phishing email, read our phishing blog here.
If a phishing attempt came to your work email, make sure to notify your IT personnel immediately. Then delete the message and block the sending address.
To learn more about cybersecurity awareness or how to protect yourself from cybersecurity attacks, head to www.infotect.us/promo and protect your business today.
Resources:
https://www.cisa.gov/cybersecurity-awareness-month
https://staysafeonline.org/programs/cybersecurity-awareness-month/
https://staysafeonline.org/online-safety-privacy-basics/multi-factor-authentication/
https://staysafeonline.org/online-safety-privacy-basics/passwords-securing-accounts/
https://staysafeonline.org/resources/software-updates/