Fidelis Blog
Author

Chris Kubic
CISO

Chris Kubic is the Chief Information Security Officer (CISO) at Fidelis Cybersecurity. Kubic brings with him more than 30 years of experience driving Information Assurance and Cybersecurity initiatives...

Make Cybersecurity Your New Year’s Resolution for 2020

Are you still looking for the perfect New Year’s Resolution for 2020? How about improving your cybersecurity practices across your personal and working lives? I can guarantee it will lead to a less stressful 2020 knowing that you are taking steps to better protect your personal information and your employer’s sensitive information while online.

2019 was an unprecedented year for cyber attacks. It seemed like a daily occurrence that Ransomware attacks, Phishing attacks, and data breaches were reported in the news. I’m certain we all were impacted in some way by loss of our personal information through a data breach. So what’s in store for 2020? Unfortunately, more of the same, and attacks will grow even more sophisticated as attackers combine stolen personal information with information mined from our online presence and social media accounts to create more detailed, targeted, personalized, and believable attacks.

So what can you do to better protect yourself in the New Year? Remain vigilant and follow these simple cybersecurity best practices and we will all be a little safer online.

  • Use hard-to-guess passwords. A password should have a minimum of 8 characters using 2 or more of the following: uppercase letters, lowercase letters, numbers and special characters. To make it easy for you to remember but hard for an attacker to guess, create a passphrase. For example, pick a phrase that is meaningful to you, such as “Charleston, SC is a great place to visit.” Using that phrase as your guide, you might use CSCiaGR8p2v! for your password. Where available, and particularly for your more sensitive accounts, use 2 Factor Authentication (2FA) to augment the security of your password.
  • Use different passwords for different accounts. If one password becomes compromised, your other accounts are not compromised. I would suggest using a password manager to store and manage your passwords. This eliminates the need to remember and/or write down your passwords. It’s also important that you do not share your passwords with others or display them in public areas. It is ultimately your responsibility to safeguard your passwords!
  • Stay vigilant against Phishing attacks and other e-mail based scams. Don’t click on links in an e-mail from an unknown or untrusted source. Cyber attackers often use authentic looking links (e.g., substituting “rn” for “m” in microsoft.com) to trick you into visiting malicious sites and downloading malware that can be used to steal data and damage networks. Don’t open e-mail attachments from an unknown or untrusted source. If you receive a suspicious email, the best thing to do is to delete the message.
  • Change the default password on all your home network devices. Remember that new wireless security camera you got for Christmas? It probably came with a default password set by the manufacturer, and the default password will be the first one tried by an attacker. It is important to do this for everything connected to your home network – routers, Wi-Fi access points, security cameras, game consoles, internet connected appliances, etc.
  • Back up your computer and mobile phone regularly using a cloud-based backup service or a removable hard drive (that is disconnected from your device unless you are performing a backup). At a minimum, ensure you have a backup copy of your important documents, files, and photos. This allows you to recover your important information if you are struck by a Ransomware attack.
  • Don’t post any private or sensitive information, such as credit card numbers, passwords or other private information, on public sites, including social media sites. Be sure to enable privacy settings on social media sites to restrict access to your personal information.
  • Don’t leave your laptop or mobile phone unattended in public places and lock your screen when your device is not in use. Enable passwords, PINs, and/or biometric authentication features on your computer and mobile phone. This helps protect data from unauthorized access and use should your device be lost or stolen. If your device supports remote erase (e.g., Find my iPhone), ensure that this feature is enabled and configured ahead of time so that you can erase your device if it is lost or stolen.
  • Remember that Public Wi-Fi is a shared service and is not as secure as your home network. Avoid performing sensitive activities while on Public Wi-Fi (e.g., mobile banking) or use a VPN service to protect your sensitive communications while using Public Wi-Fi.
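
An added example (not part of the original post): a small Python check for the look-alike links described in the phishing tip above. It goes beyond the “rn” for “m” case with a few other common visual substitutions; the trusted list, the substitution table, and the "last two labels" domain rule are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed list of domains the reader really uses (assumption).
TRUSTED = {"microsoft.com", "paypal.com", "google.com"}

# Character runs that look like another letter in many fonts.
# ("rn", "m") is the post's own example; the others are added here.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]


def skeleton(domain):
    """Collapse visually confusable runs so look-alikes compare equal."""
    domain = domain.lower()
    for seen, reads_as in CONFUSABLES:
        domain = domain.replace(seen, reads_as)
    return domain


def registered_domain(url):
    """Return the last two host labels of a link, with or without a scheme.

    Simplification: suffixes such as .co.uk need a public-suffix list.
    """
    if "://" not in url:
        url = "//" + url          # let urlsplit see a bare host as a host
    host = (urlsplit(url).hostname or "").rstrip(".")
    return ".".join(host.split(".")[-2:])


def check_link(url):
    """Classify a link as ('trusted' | 'lookalike' | 'unknown', matched domain)."""
    domain = registered_domain(url)
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in sorted(TRUSTED):
        # Same skeleton but different spelling: it imitates a trusted name.
        if skeleton(domain) == skeleton(good):
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample links, as they might appear in an e-mail.
    for link in ["https://www.microsoft.com/account",
                 "https://login.rnicrosoft.com/reset",
                 "paypa1.com/signin",
                 "https://example.org/newsletter"]:
        print(link, "->", check_link(link))
```
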

Hopefully this has provided you with some practical and easy to implement cybersecurity guidance to better secure your online activities in the New Year.

Have a Happy and Safe 2020!
