For eighteen consecutive years, Congress and the U.S. President have declared October as Cybersecurity Awareness Month. Of course, in an age when unsafe virtual practices can unintentionally cripple a nation or economy, consciousness is key. However, cyberattacks pose a risk for all individuals – not simply those in the upper ranks of authority. In fact, cybercrime affects over 594 million people every year.
Bad actors take advantage of young and old alike, wealthy and impoverished. So, most members of society need to have a good grasp on safe virtual practices. After all, hackers continually adapt to the environment, growing more and more difficult to discern and outwit. Cybersecurity Awareness Month provides the perfect excuse to focus on shoring up knowledge and defenses.
Since Cybersecurity Awareness Month revolves around exercises to build awareness, here are some important tips for online safety. They could mean the difference between security or disaster.
6 Tips for Online Safety
1. Set Stronger Passwords
Most online accounts require passwords as part of the login process, and unfortunately, brute force password cracks happen all the time. In fact, many people mistakenly believe they have strong passwords when, realistically, bad actors could break them instantly. For example, a string of ten numbers might initially appear secure. It’s random and difficult to guess the correct order. However, a single person working alone could easily break the code in a matter of hours. A computer attempting the same attack could do so in an instant.
That’s why setting stronger passwords is one of the easiest and most efficient methods for protecting against cyberattacks. Perhaps Cybersecurity Awareness Month represents the perfect time to bolster them. Fortunately, there are several ways to do so:
- Use numbers, letters and symbols
- Include upper and lower case letters
- Set longer passwords or even full passphrases
- Refrain from using the same passwords across different accounts
The key is using each of these tips in conjunction, because only employing one presents more risk than all together. What’s more, several used in conjunction exponentially raise the time it takes for brute force hackers to crack a password. For example, a nine-character password using upper and lower case letters, numbers and symbols takes three weeks to break. However, upping that password by only five characters means it will take two million years to crack. The difference in level of security after adding only five characters is astounding. And since individuals can deploy stronger passwords immediately, it’s an essential method for protecting accounts.
2. Enable Multi-Factor Authentication
Multi-factor authentication sounds like a mouthful, and can seem somewhat scary, but the concept is simple. Most accounts require at least a username and a password; however, many now require multiple forms of authentication. Most people have likely encountered this already, potentially without knowing. Sometimes, MFA requires answering a personal question (i.e., What’s your mother’s maiden name) to verify the correct user. Other times, it requires the user to input a code sent directly to their email or phone. In essence, multi-factor authentication represents a third step taken every time a person logs in. And it helps ensure the person accessing the account is supposed to.
Enabling multi-factor authentication is helpful, because even if a hacker learns a correct password, they might still be stopped. After all, if they don’t have access to your phone, a simple text message code could prevent them gaining entry. Setting up MFA is generally simple, and each site or account guides the user through the process. So, individuals serious about safe online practices should look into enabling multi-factor authentication on their accounts.
3. Regularly Update Software
Compared to setting stronger passwords, people might actually find software updates easier. After all, they can set most to take place automatically and never have to worry. But at the same time, checking to make sure devices are up-to-date never hurts. That’s because software fixes often deploy security patches to protect known weak points. As a result, bad actors have an easier time hacking into devices that aren’t properly updated. So, when a valid, legitimate notification appears for an update, it’s good practice to do so as quickly as possible.
4. Verify Before Trusting
Phishing and its variants represent some of the most common forms of contemporary hacking. Typically, it comes in the form of an email or message trying to get you to click a dangerous link or willingly provide information. Ultimately, bad actors can then use this tactic to take control of accounts, encrypt files, or perform any number of other heinous acts. While phishing attacks have evolved and become more complex over the years, there are still ways to recognize them.
First and foremost, people should avoid immediately clicking links sent in emails. Even if they appear that they’re coming from valid sources. Spear phishing attacks target individuals and often contain information that seems pertinent to them. So, an easy step whenever an email asks for sensitive information is to verify with the sender that they actually sent the message. For example, call the IT director to make sure they really needed you to send your password before doing so.
Of course, there are many other ways to recognize phishing attacks, like checking the email address of the sender. But the overall principle is simple. Always verify before trusting.
5. Lock Devices Regularly
Interestingly enough, not all virtual attacks are carried out online. Sometimes, hackers gain physical entry to the corporate offices of a company or institution. Then, working from within, they cripple systems or steal vital information. That’s why individuals must regularly lock devices, especially when stepping away from the desk. It only takes a few moments of break time for a bad actor to step in and access an unprotected computer. But it takes even less time to lock a screen behind a password or PIN. Workers don’t need to shut down and reboot their devices every time they run to the lounge for coffee. But taking a few seconds to protect their devices can make a world of difference. It might appear small and insignificant. But it’s better than asking what-if after a successful attack.
6. Help Others Stay Safe
Essentially, making others aware of cybercrime helps keep everyone protected. After all, that’s what Cybersecurity Awareness Month is about. People who understand the dangers of cyber attacks should help others who are more vulnerable stay safe. For example, parents should educate their children on the dangers of online scams while setting up appropriate barricades. Children of older, trusting adults could help warn them and avoid devastating consequences. Cybercrime reaches far and often impacts many individuals beyond the initial recipient. So, helping others understand common forms of hacking and cyberattacks is paramount to security.
Develop Your Skills During Cybersecurity Awareness Month
October is a special time set aside to celebrate and develop stronger cybersecurity awareness. However, it’s never a bad time to invest in better safety measures. That’s why VTR Learning has partnered with ACI Learning to make robust cybersecurity courses available.
You can only learn so much from a short blog, but a full course on cybersecurity can offer a wealth of valuable information. And with rampant cybercrime, protection is a worthwhile investment for any individual.
Furthermore, under VTR Learning’s accreditation status, these courses provide continuing education credit for SHRM, HRCI, and NASBA. So, learners can develop stronger cybersecurity skills while accomplishing their professional goals. Don’t miss out on the chance to strengthen your defenses against hackers and other bad actors. Check out our shop for more information on our cybersecurity courses.
Article written by Braden Norwood
Last updated March 16, 2023
