By Tonia Dudley
As we kick of Cybersecurity Awareness Month, let’s start with a bit of background before digging into this week’s #BeCyberSmart theme. The National Cybersecurity Alliance (NCSA) is a nonprofit, launched in 2004 as a joint effort between industry and government. This is co-led by the Cybersecurity and Infrastructure Security Agency (CISA) and NCSA. The mission of NCSA during this month is to raise awareness about the importance of cybersecurity and ensure that everyone has the information and tools they need to be safer online.
Each year NCSA collaborates with CISA to identify themes for the month to emphasize topics that are of interest to both enterprise and consumers. For this blog series, I will highlight the theme of the week and provide insights for both your organization and your personal life.
Week 1: Be Cyber Smart
So, let’s get started with our first week and theme. It’s everyone’s job to know and perform basic cyber best practices. Cofense continues to see credential phish as the top threat to organizations. In our 2021 Annual Report of our findings for 2020, over 50 percent of the phish we observed were credential phish. Whether it’s your business or personal account, there are few basic steps you can take to protect your accounts.
- Create a unique username and password for each account.
- By creating unique usernames and passwords, you minimize your exposure against attacks.
- If your organization can enable single sign-on (SSO), even better. The more you can simplify authentication for your employees, the more you can reduce the number of credentials they need to create.
- Enable multi-factor authentication (MFA) or two-factor authentication (2FA).
- When you enable MFA on your accounts, you greatly reduce the risk of having your account compromised.
- According to Microsoft, “By providing an extra barrier and layer of security that makes it incredibly difficult for attackers to get past, MFA can block over 99.9 percent of account compromise attacks. With MFA, knowing or cracking the password won’t be enough to gain access.”
- Keep your systems updated.
- Enable auto update on your home computer and mobile devices. By keeping your devices current with the latest version, you reduce the likelihood of a vulnerability being exploited.
- Stay current with CISA alerts to ensure you’re aware of critical vulnerabilities that need immediate attention.
- Keep back-up copies of your data, both on and offsite.
- With the increase in ransomware attacks, this is a critical step to quickly recover and restore operations.
- For your home devices, enable an automated sync to cloud solutions to ensure you don’t lose precious photos and important documents.
A little can go along way when it comes to protecting your organization against cyber threats. Whether you’re just getting started or looking to enhance your security awareness program, check out this four- part blog series. It’s never too late to get started.
Part 1: https://cofensestaging.wpengine.com/building-security-awareness-program-start-strategy/
Part 2: https://cofensestaging.wpengine.com/security-awareness-choosing-methods-content/
Part 3: https://cofensestaging.wpengine.com/where-do-security-awareness-programs-belong-on-the-org-chart/
