In an era of pervasive connectivity, where laptops, tablets, and smartphones are constantly at our fingertips, our online presence is amplified, and the need to handle sensitive information related to our personal lives, businesses, and finances is on the rise.
The growing number of devices and data has expanded the attack surface, providing cybercriminals with more opportunities to exploit vulnerabilities and innovate their techniques, emphasizing the need for enhanced cybersecurity measures.
The good news: Fighting back can be easier than you may think. So says Lisa Plaggemier, executive director of the National Cybersecurity Alliance, which promotes awareness of smart and safe tech usage. She offered a helpful primer on crucial cyber hygiene for individuals, families, and businesses.
Hardening your hardware
When it comes to securing laptops, tablets, and smartphones, there are a few crucial steps to follow. Firstly, lock your devices using a passcode, PIN, or facial recognition to prevent unauthorized access. Secondly, consider covering your camera with a webcam cover to protect against potential hacking and unauthorized surveillance. These simple measures can significantly enhance the security of your devices and safeguard your privacy.
Multifactor authentication—a new must-have
Multifactor authentication (MFA) is a critical addition to the essential cybersecurity measures of antivirus software and complex passwords. MFA adds an extra layer of protection by requiring a second authentication step, such as a numeric code sent to your phone, even after entering a password. Despite its effectiveness, MFA is not widely enabled, but it should be implemented for all accounts, especially those involving financial transactions, as well as for businesses to significantly reduce the risk of credential-based compromises and combat cybercrime at a global scale.
Phishing variants emerge
Phishing is a prevalent online criminal activity where cybercriminals create deceptive content to compromise unsuspecting users’ data and identity. With the increasing sophistication of phishing techniques and the overwhelming number of emails and texts we receive daily, it is crucial to prioritize security measures and remain vigilant to protect ourselves from these threats.
Increase your awareness of phishing by familiarizing yourself with its various forms, such as vishing, smishing, and phushing. Plaggemier’s tips for identifying phishing attempts involve scrutinizing email sender addresses, checking links before clicking, manually entering URLs, and being cautious with attachments. These practices are crucial for effectively detecting and avoiding potential phishing threats.
Important: To protect against malware in email attachments, Plaggemier recommends disabling macros in Microsoft Office and turning off auto-forwarding in email. Recognizing phishing attempts involves verifying the sender’s identity, staying cautious of unusual changes, and directly confirming suspicious requests. Vigilance and verification are key to effectively safeguarding against phishing attacks.
Ransomware running rampant
Small and midsize companies should not assume immunity to ransomware attacks. Plaggemier advises taking proactive measures, such as implementing robust cybersecurity measures and regular data backups, to mitigate the risk of ransomware. Plaggemier’s advice here:
- Have all of your kids’ baby photos and all other files that are important to you backed up to a cloud service that’s safe from ransomware attack.
- Refrain from paying the ransom as it supports cybercrime and offers no guarantee of data recovery. Instead, reach out to law enforcement, including your local FBI field office, and utilize resources such as the Internet Crime Complaint Center (IC3) to report the incident and seek assistance.
Plaggemier advises small to midsize businesses to work with CISA for cybersecurity support, while individual vigilance against phishing and malicious links can help prevent ransomware attacks and data hostage situations.
Cyber insurance—a good policy?
Obtaining cyber insurance can serve as a valuable safeguard against damaging cyberattacks, but the evolving landscape of cyber threats and the rising severity of attacks have led to significant increases in premiums and stricter criteria for coverage. Insurers now require policyholders to have robust risk mitigation strategies and adhere to thorough cyber hygiene practices.
What’s the password?
Using flimsy passwords has become less common, but many individuals and businesses still fail to utilize password managers, which can generate and store unique and secure passwords for each account. While concerns about password manager security exist, reusing the same password across multiple accounts poses a greater risk. Additionally, securing your home Wi-Fi network involves changing the default router password, keeping the software updated, and applying security patches to prevent unauthorized access.
Key cybersecurity tips for business owners
Small and midsize companies are prime targets for cyberattacks, emphasizing the critical need for robust cybersecurity measures, including preplanned disaster response and recovery plans, to minimize the impact of incidents and swiftly restore operations. To build one, NCA suggests:
- Considering which stakeholders could be impacted and how
- Conducting a business impact analysis to prioritize important systems
- Doing a disaster recovery plan test run
- Reviewing the efficacy of that test run, and improving it accordingly
- Reviewing the plan regularly to help ensure procedures are still comprehensive and effective
Vigilant network monitoring, utilizing regularly updated software, is crucial in detecting and responding to hacker attempts on servers, as recommended by NCA experts, ensuring proactive protection against evolving threats.
Conclusion
Prioritizing cybersecurity is essential to safeguarding your wealth, family, business, and peace of mind in the face of ever-evolving cybercrimes.
This report is intended to be used for educational purposes only and does not constitute a solicitation to purchase any security or advisory services. Past performance is no guarantee of future results. An investment in any security involves significant risks and any investment may lose value. Refer to all risk disclosures related to each security product carefully before investing. Homer Smith is an investment advisor representative of Konvergent Wealth Partners. Konvergent Wealth Partners and Homer Smith are not affiliated with AES Nation, LLC. AES Nation, LLC is the creator and publisher of the VFO Inner Circle Flash Report. Investment advice offered through Integrated Financial Partners, doing business as Konvergent Wealth Partners, a registered investment advisor.