June is National Internet Safety Month! The Department of Homeland Security in coordination with The National Cybersecurity Alliance created a public awareness campaign called STOP.THINK.CONNECT. The goal of this campaign is to educate individuals and organizations to be more secure online by increasing their understanding of cyber threats. With this in mind, our June newsletter will break down this campaign and help you and your organizations stop, think, and connect for internet safety month.

STOP – are security measures in place?

What do Microsoft, News Corp, and the Red Cross all have in common? All of them have suffered a cybersecurity attack in 2022. Regrettably, cyberattacks and breaches are big business. There are a plethora of bad actors that populate the internet, ready to pounce on insecure data and immature security practices. How do you defend against these attacks? The old adage “failing to prepare is preparing to fail” applies here. Preparing for attacks before they happen will give you a layer of defense from the beginning. In other words, it is important to understand what your security posture is inside your company.

Do you have security procedures in place? If yes, do your employees know and follow these procedures? Do your employees feel empowered to shut down attackers? Are they aware of the various attack vectors they need to guard against? Instead of waiting for a cyberattack to find out the answers to these questions, implementing a training program will help you get a good idea of your security posture. It will also arm your employees with the right defense.

THINK – about the consequences of your actions and behaviors online

According to a recent report, there are 3.96 billion social media users worldwide in 2022. Yes, you read that right, BILLION. Statistics also show that more than 91% use their mobile devices to access social networks. Doing everything from promoting their business, selling goods, keeping up with friends and family, or being influencers. It is clear that social media is not going away. So, how do you keep yourself safe on such a large forum?

Never click and tell 

Limit what information you post on social media. Tagging your location at your favorite local coffee spot may give a bad actor personal details that can be used in an attack. Seemingly random details are all that an attacker needs to know to target you, your loved ones, and your physical belongings. In addition, always keep Social Security numbers, account numbers, and passwords private, as well as specific information about your full name, address, birthday, and even vacation plans. And it’s also important to disable location services that allow anyone to see where you are – and where you aren’t – at any given time.

Speak up if you’re uncomfortable

We’ve all seen a friend post something that made us cringe. Maybe it was a young friend excited over getting their first license who is proudly holding it up while they take a selfie. Or a couple buying their first home, standing in front of their new street address. While we are excited for them, the information they are displaying can be damaging to them. It’s never easy to approach a friend about something that they post but doing so can protect them and their families.

Report suspicious or harassing activity

Work with your social media platform to report and possibly block harassing users. Another key point is to report an incident if you’ve been a victim of a cybercrime. Local and national authorities can help you.

Remember, there is no ‘delete’ button on the internet

Share with care, because even if you delete a message or picture from your profile minutes after posting it, chances are someone still saw it.

Update your privacy settings

Set the privacy and security settings to your comfort level for information sharing. This is not a one-and-done process, since social media platforms often update and change their settings. So, from time to time, check the settings to make sure they are at the safety level you want. It’s also important to disable geotagging, which allows people to see where you are.

Connect only with people you trust

While some social networks might seem safer for connecting because of the limited personal information shared through them, keep your connections to people you know and trust.

CONNECT – and enjoy your devices with more peace of mind

The world we live in is constantly connected. From our phones to our fitness trackers, our refrigerator, and our personal assistant devices, everything is connected. And while these things have made our lives easier, they also come with security concerns. There are over 7 million Internet of Things (IoT) devices in use in homes every day. In light of this, there are things you should consider and do yourself to use your products safely and securely.

Monitor your accounts and devices regularly. Watch for and report any unusual activity.
Have robust passwords. Use passwords that are long, unique, and include special characters. Don’t use the same password for multiple devices.
Read the Terms of Service (ToS). The permissions and access outline in the ToS will often surprise you and will help you make informed decisions.
Keep IoT devices off your main internal network, where all your personal devices are connected. By keeping the devices on their own, individual networks that are separated by a firewall to seal off your main network.
Unplug your devices when not in use.
Enable Multiple-factor authentication (MFA). This will add an extra layer of protection that can keep criminals from easily gaining access to your account.

Personal security is cybersecurity

Staying safe online can seem like a daunting task, we get it. But there are some simple things you can do to keep yourself and your family safe. The Cybersecurity and Infrastructure Security Agency (CISA) offers 4 simple things that you can do to keep yourself cyber safe.

Turn on MFA for all appropriate accounts.
Update your software – turn on automatic updates if available.
Think before you click! – more than 90% of successful cyber-attacks start with a phishing email.
Use strong passwords. Ideally, use a password manager to generate and store unique passwords.

Our world is increasingly digital and interconnected. All of us have the responsibility of protecting ourselves as well as the systems that we all rely on.

Don’t Go It Alone

Cybersecurity holidays like National Internet Safety Month are without a doubt important to recognize, especially inside of your organization. But it can also be hard to push this type of awareness content when you’re juggling multiple other tasks. That’s why it is good to take advantage of the resources provided by other organizations. For instance, The National Cybersecurity Alliance rolls out a number of tips for protecting yourself online. Sharing these tips with your population will help keep them up to date. There are also many written sources such as blogs, and this newsletter that aim to keep people informed on the best security practices. If reading isn’t your thing, then perhaps our podcast based around security is more suitable for you.

Cybersecurity Awareness Month 2022 is not far off. This annual initiative sponsored by the Cybersecurity and Infrastructure Security Agency (CISA) takes place every October. It was created to raise awareness about the importance of Cybersecurity and ensure access to resources needed to keep information protected and be more secure. Are you planning an awareness campaign for your organization? The team at Social-Engineer, LLC are not only experts at identifying threats to information security but are also professionally trained and certified social engineers who can share attacker perspectives, tactics, and how to defend against them. In a special initiative for Cybersecurity Awareness Month, our expert speakers offer virtual, in-person, or hybrid engagements on more than 15 different topics.

Visit our website for more information and learn about early booking discounts: www.social-engineer.com

Written by: Amanda Marchuck



This entry was posted in Uncategorized and tagged .

Leave a Reply

Your email address will not be published. Required fields are marked *