According to the Verizon DBIR for 2022, 82% of breaches are related to human error. Hackers use phishing, malware, etc. to get past system security and access critical data. To protect your organization effectively and encourage a culture of cybersecurity awareness, it is important that you and your employees are informed about cybersecurity best practices.
To help you get started, here are 10 cybersecurity tips every employee should know:
1. Use strong passwords
We’ve all heard that having a strong password is important, but what is a strong password?
If you create strong passwords, it can be difficult to keep track of them all. Using a password manager to store and manage your various passwords can help you stay organized in a secure way.
2. Use SLAM techniques to detect suspicious emails
Phishing is a major part of modern cyber attacks. Some phishing messages are carefully crafted and may contain references to your colleagues, family members, hobbies, etc. The best way to reduce this risk is awareness: use SLAM techniques to help detect phishing attacks:
Sender: verify the sender’s email address
Links: Hover over links to preview them before clicking
Attachments: Don’t open attachments from people you don’t know or attachments you don’t expect
Message: review the content of the message and check for grammatical or spelling errors
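The Sender and Links checks above can also be run automatically by a mail filter. The Python below is an added example, not part of the original article; the sample message, its domains and the names Links, host and slam_flags are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

SAMPLE = """\
From: "IT Support" <helpdesk@examp1e-corp.test>
Reply-To: collector@mailbox.test
Content-Type: text/html

<p>Sign in: <a href="http://login.examp1e-corp.test/reset">https://portal.example-corp.test/</a></p>
"""  # constructed sample: every name and domain in it is made up

class Links(HTMLParser):
    """Collect [href, visible text] for every <a> element."""
    def __init__(self):
        super().__init__()
        self.found, self.inside = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.found.append([dict(attrs).get("href") or "", ""])
            self.inside = True
    def handle_endtag(self, tag):
        self.inside = self.inside and tag != "a"
    def handle_data(self, data):
        if self.inside:
            self.found[-1][1] += data.strip()

def host(value):  # host of a URL, or the domain part of an e-mail address
    found = urlparse(value).hostname if "://" in value else value.rpartition("@")[2]
    return (found or "").lower()

def slam_flags(raw, trusted):
    """Return findings for the Sender and Links steps of SLAM."""
    msg, flags = message_from_string(raw), []
    sender = host(parseaddr(msg.get("From", ""))[1])
    reply_to = host(parseaddr(msg.get("Reply-To", ""))[1])
    if sender not in trusted:  # exact match, so look-alike domains fail
        flags.append(f"sender: {sender} is not a known domain")
    if reply_to and reply_to != sender:
        flags.append(f"sender: replies go to {reply_to}")
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            parser = Links()
            parser.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
            for href, text in parser.found:  # only text that looks like a URL
                if "://" in text and host(text) != host(href):
                    flags.append(f"link: shows {host(text)}, opens {host(href)}")
    return flags
```

Calling slam_flags(SAMPLE, {"example-corp.test"}) reports the look-alike sender domain, the diverted Reply-To address and the link whose visible text names a different host than its target.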
3. Secure your web browser
Web browsers are used on both office and home devices, and attackers will try to exploit their vulnerabilities to gain control of your computer (for example, this year’s Google Chrome Zero-Day vulnerability).
The best way to protect your web browser is to set up automatic updates, avoid saving passwords in your browser, use reliable web browser plug-ins from the browser app store, and tighten security settings to limit data transfer to web browser providers.
4. Maintain the latest version of software on your smart device
To prevent hackers from exploiting vulnerabilities in your smart device, update your phone, tablet, TV, microphone, light, etc. with the latest software available.
If the auto-update feature is available, enable it. These devices can be a source of infection just like any other computer.
To further secure your device, be sure to use the screen lock feature when available.
Organizations should consider mobile device management solutions to strengthen the security of their mobile device environment, ensure device and application compliance, and manage data flowing away from trusted mobile devices and applications.
5. Use Multi-Factor Authentication (MFA)
For corporate and personal applications, it’s important to enable MFA to verify that the person logging in is who they say they are, and to prevent malicious hackers from gaining access to your network.
6. Secure your home network
If it’s not secure, your home network can put your personal and business data at risk when you work remotely. Here are some tips to help secure your home network:
7. Use a VPN
Virtual Private Networks (VPNs) provide users with a convenient way to access remote resources from multiple locations by connecting two private networks over the Internet.
Using public Wi-Fi in airports, hotels and cafes without a VPN can reveal a lot of details about your device and what you do online without your knowing it. In the hands of a hacker, this information can be used to craft an attack.
8. Don't forget about physical security
As more employees return to the office, it’s important to remember that physical security in the office matters too.
Reminders for physical security include:
9. Be aware of the information you share on social media
Social media can be a great way to share information with family and friends, but are you sharing information with hackers?
Fraudsters and attackers can use information you post on social media to get information about you that can be used against you.
Check your privacy settings frequently, delete old and unused accounts, and review your profile and the backgrounds of photos and videos before posting to make sure you’re not sharing anything that could reveal personally identifiable information about yourself.
Before you post a message on social media, ask yourself: Could the message you’re about to post be used against you?
10. If you see or do something, say something!
Last but not least, if you see anything suspicious, be it an email, a text message, or an unauthorized visitor to the company, or if you accidentally click on a phishing email, notify your supervisor, IT or your company so that it can be dealt with quickly and damage kept to a minimum.
Employee training is an important part of cybersecurity. Organizations should have cybersecurity awareness training as part of their cybersecurity program in addition to other safety and security measures, such as 24/7 monitoring and surveillance, managed detection and response, and vulnerability assessment.
Cybersecurity affects us all, and it’s up to employees and employers to be aware of cybersecurity best practices to protect ourselves and our businesses from malicious attacks.