What’s the key to staying protected online? People.
This Cybersecurity Awareness Month, it’s all about getting the basics right
Another Cybersecurity Awareness Month has rolled around, and it’s comforting – and maybe a little disheartening – to know that keeping your organisation safe from attacks still comes down to getting those basics right. It’s why the theme for this year’s global event was ‘See Yourself in Cyber’.
Although cybersecurity seems like a highly technical topic, it’s the behaviour of people that makes a difference: using unique passwords, regularly updating software, thinking before clicking and using basic technology protections like multi-factor authentication.
Locally, that theme translated into CyberSmartWeek, headed up by CertNZ. We partnered with it to champion the message in New Zealand. We were also at The Australian Cyber Conference 2022 in Melbourne, sharing our insights and learning from other industry experts.
What individuals can do
Use better passwords
Your first name and birthday might be easy to remember, but it’s also really easy to crack – especially if hackers have mined information about you. Using the same password across different services is dangerous, too – if hackers can discover the password you use for a shopping site, the next place they try it is your bank.
Keeping track of long, strong passwords for every one of your log-ins can be next to impossible. CertNZ recommends coming up with passphrases – long phrases that are meaningful to you but hard to crack. Your online grocery store might be ‘Eat5BriesWithRelish’. Your gaming site could be ‘BeastModeNowActivated’.
The smartest option is to use a password manager – you have one long, strong password to remember, and the manager generates and stores passwords for each of your sites.
Use two-factor authentication
Even long, strong passwords can be hacked, but two-factor authentication (2FA) adds another layer of protection. It most often works by sending a code to your phone, which means that even if an attacker has your password, they won’t be able to get in.
Turn on auto-update
Developers are constantly improving their software, adding and updating features, fixing bugs and, most importantly, patching weaknesses they find in their security. Turning on auto-update means you get that strengthened security as soon as it’s available.
Go fully private
Your social media account could be a treasure trove to would-be attackers, especially if they’re running a phishing scam – they could even use information like where you work, your hometown or your best friend’s name against you. Restricting who can see your personal information reduces the chances you’ll be a target and protects your friends, family and followers.
What businesses should do
Report it
If you, or someone you know, experience an online security incident, report it to CertNZ. It helps New Zealanders protect themselves and recover from online security threats and incidents.
Update your devices and software
Updates help keep your apps and devices healthy. They aren’t just about getting the latest features available – they also protect you from any weaknesses that could let in attackers. The easiest way to do this is by going to settings and turning on automatic updates – then, you just let your apps and devices do their thing.
Secure your domain
90% of all cyber attacks on Australasian organisations come in through email. Securing that portal can stamp out almost all of your risk.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an important part of that. Implementing DMARC protects your brand by preventing spoofing, improving deliverability and gaining visibility of third-party senders. It stops hackers from using your domain to send business email compromise attacks, phishing emails, email scams and cyber threat activities.
It's also worth looking at your email security’s bigger picture. Many companies rely on Microsoft 365’s EOP or ATP/MDO security protections. Others add third-party solutions that work by disabling rather than adding to those security measures. A solution that offers true dual-layer security is the key to protecting your organisation against attacks.
Consistency is the best form of cyber protection
Even as technology advances, cybercriminals will continue to find ways to exploit the fallibility of human nature. While keeping pace with the latest technology is important, how people use it (or don’t use it), particularly email, can make or break your cyber defences – and that’s where SMX can help.
Contact us for more.