What is cyber security?
Cyber security, also known as computer security or IT security, is the practice of protecting computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks that can corrupt hardware, software, and/or electronic data.
Cyberattacks can result in monetary loss, as well as the theft of personal, financial, and medical information, all of which can harm your reputation and safety.
Why is cyber security SO important?
Because smartphones, computers, and the internet have become such an integral part of modern life, it’s difficult to imagine how the world would function without them. From online banking and shopping to email and social media, it is critical for each of us to protect our accounts, data, and devices.
How cyberattacks can occur?
Some of the most used ways cyberattacks can occur include:
- Attempting to access your computers, mobile phones, gaming systems, and other internet- and Bluetooth-enabled devices;
- Bringing your financial security at risk, including identity theft;
- Blocking your access or deleting your personal information and accounts;
- Making your job or business services more complicated;
- Having an impact on transportation and the power grid.
Be Cyber Aware!
On an individual level, everyone is concerned about cyber security because we are all exposed to cyber security risks when we go online, so here are some cyber security recommendations:
1. Keep Your Software Up to Date
- Set your device to receive automatic system updates;
- Check that your desktop web browser receives automatic security updates;
- Keep your web browser plugins, such as Flash and Java, up to date.
2. Use Anti-Virus Protection & Firewall
- Install and activate the firewall and intrusion detection system;
- Virus and spyware definition files should be updated;
- Scanning computers with anti-virus software should be done on a regular basis.
3. Use Strong Passwords & Use a Password Management Tool
- Use a different password each time;
- The password must include at least one lowercase letter, one uppercase letter, one number, and four symbols, but not the characters & percent #@;
- Choose a password that is simple to remember and never leave a password hint out in the open for hackers to see;
- If you forget your password, you can reset it. However, change it once a year for a general refresh.
4. Use Two-Factor or Multi-Factor Authentication
5. Be aware of Learn about Phishing Scams (be suspicious of emails, phone calls, and flyers)
- Don’t open email from people you don’t know;
- Understand which links are secure and which are not – Hover over a link to see where it takes you;
- Be wary of emails sent to you in general – check to see where they came from and if there are any grammatical errors;
- Malicious links can be passed on by exposed friends, so be extra cautious!
6. Protect Your Sensitive Personal Identifiable Information (PII)
- PII includes information such as name, address, phone numbers, data of birth, Social Security Number, IP address, location details, or any other physical or digital identity data.
7. Use Your Mobile Devices Securely
- Create a Difficult Mobile Passcode That Isn’t Your Birthdate or Bank PIN;
- Install Apps from Reliable Sources;
- Maintain Your Device – Hackers Take Advantage of Vulnerabilities in Unpatched Older Operating Systems;
- Sending PII or sensitive information via text message or email is not recommended;
- Leverage To prevent loss or theft, use Find My iPhone or the Android Device Manager.
8. Perform regular mobile backups with iCloud or by enabling Android Backup & Sync.
9. Don’t Use Public Wi-Fi
- Never use public Wi-Fi without a Virtual Private Network (VPN). The traffic between your device and the VPN server is encrypted when you use VPN software. This makes it much more difficult for a cybercriminal to gain access to your device’s data. When security is critical, use your cell network if you don’t have a VPN.
10. Review Your Online Accounts & Credit Reports Regularly for Changes
When it comes to Cyberattacks on enterprises level, small and medium-sized businesses should consider implementing the following cyber security measures.
1. Asset Security
Create a standard operating procedure for collecting, handling, and protecting critical data. Each high-priority item should be protected, tracked, and encrypted.
2. Security of Information Systems and Related Architectures
Conduct regular scans for system vulnerabilities and implement corrective actions as soon as practicable. Create information systems and related architecture that continue to provide required functionality in the face of threats such as malicious acts, human error, hardware failure, and natural disasters.
3. Communication and Network Security
At the network gateway, implement security mechanisms such as firewalls and intrusion detection/prevention systems to protect the network from external attacks. The settings on each communication and network device must be managed and enforced centrally.
4. Identity and access management
It implies putting in place meticulous systems to identify people and manage their permissions. Conduct a periodic review of staff access permissions to determine or re-establish eligibility based on job responsibilities. For example, revoke all access and accounts of a staff member who has left the organization or been transferred to another unit.
5. Incident Response
Review logs and audit trails on computer / network equipment on a regular basis for anomalies and potential attacks. Monitor system operations using an automated system and intelligent analytics. Establish rapid response protocols and automated response capabilities to deal with security incidents, including the suspicion of intrusion, as soon as possible.
Conduct periodic risk assessments and reviews to ensure cyber security risks are properly managed. Create a risk-aware culture and then spread the word throughout the organization.
Source: Ready.gov/Cybersecurity, Forbes.com, DigitalGuardian.com, ITGovernance.co.uk, NCSC.gov.uk