Monday, October 20, 2014

Why Cyber Security Matters To Everyone

Your cyber hygiene affects others
It’s not unlike public health. One of the reasons health officials urge almost everyone to get a flu shot is that people who are infected are more likely to infect others. The same is true for cyber security. Infected devices have a way of infecting other devices, and compromised systems can make everyone vulnerable. So your cyber hygiene isn’t just about protecting you, it’s about protecting all of us.

Bots or zombie networks are just one example. Bad guys look for vulnerable machines to infect and enlist them into a zombie army that infects other machines, thus greatly amplifying their ability to reach millions of users.

Even bad social networking and email security can be contagious. If your accounts are insecure, it makes it easier for others to go online as you and spread infections or social engineering attacks designed to steal data or money.

What’s in it for you?
But forget altruism for a moment. Having an insecure machine or password can be personally devastating. I’ll spare you the scare tactics, since you’ve probably heard them before, but I will remind you that an intrusion into any of your accounts or devices can escalate into a full-scale attack on your financial and reputational well-being.

Even something as basic as inadvertently sending out spam can be embarrassing, but there is also the risk of identity theft and financial crime that can leave you with an empty bank account.

Shared responsibility
Cyber security is a shared responsibility. Internet companies and brick-and-mortar merchants can do their part by shoring up the security of their networks and payment systems. Government can educate the public and enforce anti-cyber crime laws. Businesses can make sure that they have strong security processes in place, including making sure their employees use strong passwords. And everyone can play an important role by securing our devices and being sure that our passwords are strong and unique.

Kids too

And it’s not just for adults. Just as we teach our kids to lock their bicycles, parents and teachers need to remind them to password-protect their phones and other devices. And kids need to know that some things in life need to be kept secret. Passing on your passwords is not a way of proving that you’re a good friend. If a friend asks for a password, you can really be a good friend by reminding them that it’s never a good idea.

Sunday, October 5, 2014

Cybersecurity Awareness Is About Both ‘Knowing’ and ‘Doing’

Ask any IT security professional and you’ll get the same answer. One of the biggest cybersecurity challenges is the human factor, making cybersecurity awareness more vital than ever in our mobilized, interconnected world.

According to the 2014 Cyber Security Intelligence Index, an astounding 95 percent of all security incidents involve human error. The most prevalent mistake? Double-clicking on an infected attachment or unsafe URL. Other common errors include lack of patching, using default user names and passwords or easy-to-guess passwords, lost laptops and mobile devices, and inadvertent disclosure of sensitive information by use of an incorrect email address.

All the more reason to support and participate in National Cybersecurity Awareness Month, which is observed in October in the U.S., with similar months or weeks set aside in other countries. Cybersecurity awareness events like these are valuable opportunities to shine a spotlight on what it means to be aware and how to promote not only knowledge, but deliberate, mindful behavior to actively protect valuable data and information in our businesses and communities.

What is cybersecurity awareness? It’s not just knowledge. Knowing isn’t doing. Security awareness is knowledge combined with attitudes and behaviors that serve to protect our information assets. Being cybersecurity aware means you understand what the threats are and you take the right steps to prevent them.

We work to create a risk-aware culture where employees are educated about the cybersecurity hazards we face and trained to take the right actions to defend against them. Training courses, simulated phishing exercises, awareness campaigns, videos and a steady stream of awareness messaging and social media conversations are some of the ways we work to keep cybersecurity top of mind.

We encourage staff to visit the StaySafeOnline and Stop.Think.Connect websites to cultivate cyber awareness at home and in their neighborhoods. StaySafeOnline offers tips and resources, including content for teaching cybersecurity to students from kindergarten through college. The Stop.Think.Connect. site offers information on how to protect our digital lives online.


We’re all in this together, and each of us has a stake in reducing human error and encouraging cybersecurity best practices in our workplaces, homes and communities. Help spread the word to promote a safer, more productive digital experience for all of us.

Wednesday, October 1, 2014

Beware of Socially Engineered Phishing Attacks on Facebook

Phishing attacks are one of the most common scams on Facebook. The goal of these scams is to obtain your Facebook user name and password. If successful, the scammers can totally take over your Facebook account and use it to spread more spam and scams to your friends. They can also mine everyone in your network for data they can later use for identity theft or other socially engineered attacks.

Here are some examples of popular phishing schemes on Facebook:

  1. Facebook Lottery – You’re likely to receive an email stating you’ve won a sum of money. These can also be advanced fee scams.
  2. Confirm Your Account – Any messages asking you to confirm your account should be viewed with extreme suspicion. If you receive an email like this, don’t follow any links. A better option is to log in to Facebook directly.
  3. Violated a Policy – Hacked accounts often send messages posing as ‘Facebook Security.’ If you encounter one of these scams, you’ll notice that Facebook Security will be spelled with non-traditional characters. This is done to bypass Facebook’s filters.
  4. Photos & Videos – The scammers attempt to capitalize on our curious nature. You will receive a message from a compromised friend’s account asking you to look at this photo or video. A popular theme is to say the picture is embarrassing or they can’t believe you did that, etc. Other variants of this scam contain files laden with malware.

Almost all of these scams send you through external links to pages designed to look like Facebook. Before logging in to any site, always verify that you are indeed on the main site. Careless and unsuspecting users are often fooled by these tricks.
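
The two checks described in this post, spotting a ‘Facebook Security’ sender name spelled with look-alike characters and confirming that a login link really is on the main site, can be automated. The Python below is an added example, not part of the original post; the look-alike map, function names and sample values are constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"   # the "main site" in the post's advice
BRAND = "facebook security"       # sender name the post says is imitated

# Constructed, deliberately small look-alike map (Cyrillic, Greek, digit zero);
# an assumption for this example, not a complete confusables table.
LOOKALIKES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0441": "c",
    "\u0443": "y", "\u0456": "i", "\u0455": "s", "\u043a": "k",
    "\u03bf": "o", "0": "o",
})


def skeleton(name: str) -> str:
    """Fold a display name to the plain text a reader would perceive."""
    folded = unicodedata.normalize("NFKC", name).casefold().translate(LOOKALIKES)
    decomposed = unicodedata.normalize("NFD", folded)
    # Drop accents (Mn) and invisible format characters such as zero-width spaces (Cf).
    kept = "".join(c for c in decomposed if unicodedata.category(c) not in ("Mn", "Cf"))
    return " ".join(kept.split())


def impersonates_brand(name: str) -> bool:
    """True when a name reads as the brand but is not literally spelled that way."""
    literal = " ".join(name.casefold().split())
    return skeleton(name) == BRAND and literal != BRAND


def is_main_site(url: str) -> bool:
    """True only for an https URL whose host is the trusted domain or a subdomain."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    on_domain = host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)
    return parts.scheme == "https" and on_domain


if __name__ == "__main__":
    # Constructed samples, not taken from real messages.
    for sender in ["Facebook Security", "F\u0430cebook S\u0435curity", "Faceb00k Security"]:
        print(repr(sender), impersonates_brand(sender))
    for link in ["https://www.facebook.com/login",
                 "https://facebook.com.account-check.example/login",
                 "https://facebook.com@login.example/"]:
        print(link, is_main_site(link))
```

The host comparison is made on the parsed hostname rather than on the raw string, so a link that merely contains "facebook.com" in front of another domain or before an "@" is rejected.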