Products
Products
Detection
Response
Intelligence
About Cofense
About Cofense
Leadership
Free Tools
Free Tools
Build Resilience
Create Transparency
Speed Response

Welcome to the Cofense Blog

Get the latest information on phishing threats and trends, BEC, ransomware and credential phishing, plus Cofense product updates.

Follow us on Social Media

Be Cyber Smart: Four Steps to Protecting Your Business or Home

By Tonia Dudley

As we kick of Cybersecurity Awareness Month, let’s start with a bit of background before digging into this week’s #BeCyberSmart theme. The National Cybersecurity Alliance (NCSA) is a nonprofit, launched in 2004 as a joint effort between industry and government. This is co-led by the Cybersecurity and Infrastructure Security Agency (CISA) and NCSA. The mission of NCSA during this month is to raise awareness about the importance of cybersecurity and ensure that everyone has the information and tools they need to be safer online.

Each year NCSA collaborates with CISA to identify themes for the month to emphasize topics that are of interest to both enterprise and consumers. For this blog series, I will highlight the theme of the week and provide insights for both your organization and your personal life.

Week 1: Be Cyber Smart

So, let’s get started with our first week and theme. It’s everyone’s job to know and perform basic cyber best practices. Cofense continues to see credential phish as the top threat to organizations. In our 2021 Annual Report of our findings for 2020, over 50 percent of the phish we observed were credential phish. Whether it’s your business or personal account, there are few basic steps you can take to protect your accounts.

  • Create a unique username and password for each account.
    • By creating unique usernames and passwords, you minimize your exposure against attacks.
    • If your organization can enable single sign-on (SSO), even better. The more you can simplify authentication for your employees, the more you can reduce the number of credentials they need to create.
  • Enable multi-factor authentication (MFA) or two-factor authentication (2FA).
    • When you enable MFA on your accounts, you greatly reduce the risk of having your account compromised.
    • According to Microsoft, “By providing an extra barrier and layer of security that makes it incredibly difficult for attackers to get past, MFA can block over 99.9 percent of account compromise attacks. With MFA, knowing or cracking the password won’t be enough to gain access.”
  • Keep your systems updated.
    • Enable auto update on your home computer and mobile devices. By keeping your devices current with the latest version, you reduce the likelihood of a vulnerability being exploited.
    • Stay current with CISA alerts to ensure you’re aware of critical vulnerabilities that need immediate attention.
  • Keep back-up copies of your data, both on and offsite.
    • With the increase in ransomware attacks, this is a critical step to quickly recover and restore operations.
    • For your home devices, enable an automated sync to cloud solutions to ensure you don’t lose precious photos and important documents.

A little can go along way when it comes to protecting your organization against cyber threats. Whether you’re just getting started or looking to enhance your security awareness program, check out this four- part blog series. It’s never too late to get started.

Part 1: https://cofense.com/building-security-awareness-program-start-strategy/

Part 2: https://cofense.com/security-awareness-choosing-methods-content/

Part 3: https://cofense.com/where-do-security-awareness-programs-belong-on-the-org-chart/

Part 4: https://cofense.com/october-may-be-ending-but-phishing-attacks-never-stop-heres-how-to-make-security-awareness-successful-all-year-round/

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats. Past performance is not indicative of future results.
The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc.