Cyberattacks are now seen as the biggest risk to businesses – outranking COVID-19, economic turmoil, skills shortages, and other issues, according to the Hiscox Cyber Readiness Report 2022. One of the best ways to combat these threats is for organizations to educate employees about cyber and data security.
October is Cybersecurity Awareness Month, a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) to raise cybersecurity awareness nationally and internationally. This year’s theme, “See Yourself in Cyber,” highlights four key action steps everyone should take to protect themselves – and their companies – from cyber threats:
- Enable Multi-Factor Authentication (MFA): According to CISA, “the most common password in the country is still 123456.” Even with strong passwords, security threats remain present through phishing emails and other cyber-attack schemes. MFA goes beyond standard password protection to significantly reduce the likelihood of getting hacked. Enabling MFA adds two or more steps when using trusted websites and/or applications that require you to confirm your identity after entering your password. This is especially important for organizations that have access to sensitive client data and information.
- Use Strong Passwords: Hackers have become much more advanced in recent years. While MFA is helpful, it shouldn’t be the only safeguard individuals take to protect themselves from data security threats. At Fairview®, we recommend that organizations implement a password policy that requires the use of unique, strong passwords for each online account. Strong passwords should be at least 14 characters in length and contain characters from three of the following categories:
- English uppercase characters (A through Z)
- English lowercase characters (a through z)
- Base 10 digits (0 through 9)
- Non-alphabetic characters (for example: !, $, #, %)
- Recognize and Report Phishing: Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim’s infrastructure, like ransomware. Phishing schemes, for example, could be links to what look like legitimate web pages or emails requesting personal information. Hackers can obtain your passwords, social security number, credit card numbers, and other Personally Identifiable Information (PII) if you interact with these phishing schemes.
- Update Your Software: Network defenders work hard to restore and update software systems before flaws can be exploited. One of the best steps to protect yourself from these software flaws is to turn on automatic updates. This includes updates on operating systems and web browsers on all devices.
To learn more about how you can protect yourself from these kinds of attacks, visit CISA’s Cybersecurity Awareness Month page.
Fairview Cyber helps reduce risk and protect financial services and their companies by offering comprehensive cyber and data security solutions for businesses focused on protecting client data. We provide full-service and a la carte options, including vendor management solutions, Phishing training, dark web scanning, and external scans. Contact us to learn more.