Step Up Your Cybersecurity Posture This Cybersecurity Awareness Month
Every Month is Cybersecurity Awareness Month
While October is a great time to make sure you are up to speed on all best practices, hackers don’t have a schedule. Every day is a new opportunity for malicious actors to catch you and your systems off guard, and it’s the responsibility of every CIO, CISO, and individual to stop them in their tracks.
Observed every October, Cybersecurity Awareness Month was created by the U.S. Department of Homeland Security and the National Cybersecurity Alliance to bring more awareness to the growing barrage of sophisticated attacks targeting individuals and organizations alike. From basic brute force attacks to more sophisticated malware and ransomware breaches, no one person or business can be too cautious in who they allow access to their accounts and systems.
Today, the mission of Cybersecurity Awareness Month has expanded beyond government agencies to the private sector and to individuals, with a focus on what we can all do to better safeguard our personal and sensitive information.
From Government to the Private Sector
Much of the nation’s infrastructure is privately held – one report by FEMA in 2011 estimated 85% was owned and operated by the private sector – meaning that hackers have a variety of attractive avenues into some of the nation’s most critical operations. From pipelines to water treatment plants, the services we rely on the most are also the most at-risk of suffering a cyberattack. One study by Trend Micro found that 52% of global organizations had one of their suppliers hit by ransomware. 53% of those attacks were hidden in legitimate tooling like Cobalt Strike, meaning that 3rd parties were suffering without actually doing anything ‘wrong’.
Steps You Can Take to Stay Protected
CISA’s Cybersecurity Awareness Month Campaign, “See Yourself in Cyber” is aimed at helping individuals and SMBs alike step up their cybersecurity posture. At Thrive, we strive to bring businesses into the age of NextGen IT and better protect their most crucial systems and sensitive data. Here are a few things we recommend for everyone to practice good cyber hygiene during Cybersecurity Awareness Month and beyond.
Enable MFA Wherever Possible
Multi-factor Authentication (MFA) means that you’ll need more than just one form of ID to get into your secured accounts. Turning on MFA is crucial, and oftentimes quite simple – depending on the sensitivity of the information your organization handles, secondary ID can range from a text sent to your personal cell phone to fingerprint scanners or even facial recognition. Regardless of the type of multi-factor authentication, adding an extra layer to your login procedure not only deters attackers from trying to breach your account, but can stop them in their tracks entirely.
Update All of Your Software
Software updates oftentimes are much more than bug fixes and usability improvements. They patch potential vulnerabilities and close security loopholes. Worried you might miss a crucial update? Turn on auto-updates!
Participate in Security and Phishing Awareness Training
Often a point of discontent, employee awareness training is meant to help you think before you click. Hackers are constantly coming up with new ways to trick users into clicking malicious links and stealing sensitive data.
Use Strong Passwords and Protect Them
Every one of your sensitive accounts should have a unique, complex password. While sometimes hackers use bots to crack passwords, it is always a person using the password once it’s cracked. That means that once one of your accounts is compromised, any others using the same password are likely to follow. Choosing a password manager to encrypt all of your unique passwords is a great way to keep track of and secure all of your unique logins.
For more cybersecurity tips and industry insights, sign up for our blog below or contact a member of Thrive’s expert team today.