We’ve reached the month of October, which means it’s National Cybersecurity Awareness Month (NCSAM). For 19 years, the NCSAM campaign has served to empower people and organizations to protect themselves as threat landscapes continue to grow. During NCSAM, Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead efforts to raise cybersecurity awareness both nationally and internationally.
“While cybersecurity may seem like a complex subject, ultimately, it’s really all about people. When we say, See Yourself in Cyber, we mean see yourself in cyber no matter what role you play.”
Throughout the month of October, CISA and NCA will cover four key topics that make it easy to advance you and your organization’s security posture.
- Enabling Multi-Factor Authentication (MFA)
- Use of strong passwords and password management
- Recognizing and reporting phishing
- Updating software
Let’s take a deeper dive into these topics and how you can see yourself in cyber by taking an active role in online security.
Enable MFA for Your Accounts
MFA is used for accounts that hold valuable information. You may see MFA used within banks, online stores, or social media accounts—typically anywhere that holds personal information. It’s a security measure which asks you to take an additional step when logging into your account. This second step not only proves your identity, but it can prevent hackers from breaching your account.
For example, if you have MFA set up for your Gmail account, you can expect to login with your username and password, and then enter a code sent to your phone. Other examples of MFA include entering a pin number when you swipe your debit card or answering a security question before logging into an account.
Using MFA is quick and easy—codes are typically sent and processed immediately, so you don’t have to wait around to access your information.
MFA can also include:
- Facial recognition;
- Fingerprint scanners;
- Authenticator applications; and,
- Secure tokens.
Use Strong Passwords and Password Management Software
These days, people are managing tens, even hundreds, of online accounts, and it can be tempting to use the same password over and over. However, that’s not safe practice. It’s important to use a unique password for each account, otherwise, you’re at risk of compromising a lot of data. Weak or repetitive passwords make you vulnerable to hackers who are looking for that one password that can access all of your sensitive information.
But how can you remember a unique password for every single account? That’s where password managers come in. A password manager is software created to store your online credentials in an encrypted database. Passwords managers make it so you don’t have to memorize each unique password. Instead, you only need to remember one—the password for your password manager.
Recognize and Report Phishing
Phishing is when cyber criminals use a fake email to lure you into providing your personal information or installing malware on your device. When recognizing phishing emails, you can look for signs such as:
- Typos, misspellings, and grammatical errors;
- Generic or ambiguous greetings;
- Requests to send personal information;
- Urgency to click on a link or attachment;
- An e-mail address that doesn’t match the company it’s claiming to be from; and,
- Strange or abrupt business requests.
When at work, it’s important to report phishing emails to your IT department or security officer right away. If you experience phishing on a personal device, the best practice is to not click on any links and delete it immediately.
Update Software Automatically and Frequently
Software updates not only fix general issues but also provide security patches for vulnerabilities. A good practice is to set automatic updates, and often. Regularly scheduled automatic updates will take away the stress of having to manually schedule, and it places you a step ahead of bad actors who are looking for ways to reach your data.
It’s also important to download software updates directly from the source and be aware of fake software updates that ask you to urgently download something or enter your information into a form. Unlicensed software or fake pop-up windows could lead to malware and other security problems.
Staying safe online can be easy, and awareness is the first step. That’s why it’s important to continuously see yourself in cyber. There’s many free resources online, and during the month of October, you can keep an eye out for more information from CISA and NCA that provide cybersecurity advice and best practices.