by Tory Igoe & Clifton Robinson, Global Resilience Institute
Online connectivity touches each facet of modern life. As such, the rise of the fifth domain has transformed the manner in which societies approach education, financial services, exchange of material goods, in addition to basic social interactions. In spite of these positive developments, innovators and policymakers alike fail to acknowledge the threats people are exposed to while roaming the internet. For this reason, pinpointing simple solutions for practicing good cyber hygiene — the steps taken by users to maintain system health and security — is a worthy topic for discussion.
Some basic rules to follow:
Password Management Poor password management is a common point of failure in cybersafety. According to GlobalWebIndex, the average person possesses seven accounts that each require a set of login credentials. Multiple credentials coupled with a non-photographic memory leads to repeats or similar variations of the same password. The key security issue arises when a commonly used password gets repeated across multiple accounts. In 2019, a study by the United Kingdom’s National Cyber Security Centre (NCSC) reported that the password ‘123456’ and ‘password’ were the most commonly used passwords across millions of accounts. For this reason, the fact that 81% of hacking-related breaches stem from stolen and/or weak passwords comes as little to no surprise. A simple solution to this problem involves using a password manager such as 1Password, Dashlane, KeePassX, and LastPass. A password manager, in short, creates and stores strong passwords for each account as long as the owner creates a strong password to access their unique password manager.
Run Antivirus Software Investing in antivirus software is a simple way to secure oneself online. Antivirus software runs on your device as a means of protecting the device from malicious activity. Examples of how the software safeguards personal and corporate data ranges from scanning downloaded files for viruses, checking the security of the network — public wifi users beware — and analyzing how one’s online activity is putting their personal data at risk. With free software able to cover most users’ basic needs, installing antivirus protection software remains a simple yet vital step in practicing cybersafety.
Use Multi-Factor Authentication Multi-factor authentication is a newer authentication method that secures devices by requiring two or more independent credentials to access an account. For example, if you want to log-in to your email, you would require a password and additional verification from a secondary device — i.e. a ‘push’ notification to a personal cell phone. Once the credentials are confirmed, the user gains access to their email. Multi-factor authentication is the single most effective tool to safeguard an organization against remote attacks. This is due to the fact that multi-factor authentication can prevent the most malicious cyber criminals from hacking into an account, even if the credentials become compromised. Given its simplicity and ease of use, multi-factor authentication has become a staple choice for individuals, educational institutions, and corporate entities alike.
Privacy on Social Media A basic area where most users fall short is understanding privacy solutions on social media. Whether it’s limiting posts or not interacting with every user online, it is important to understand that social media itself is a double-edged sword. Every post, tweet, or conversation remains on the internet forever — even after it’s deleted. If a user’s social media is opened to the public and contains unsavory content, the user could face consequences in their professional life or before the law. The same caution must be applied when communicating with people on social media. “Stranger danger” is always a good phrase to remember, as online anonymity coupled with unclear intentions creates a domain as dangerous as it is beneficial to basic communication. The user is entirely responsible for their content online, so practicing good judgement is key.
With cybercrimes estimated to cost corporations $6 trillion annually by 2021, it’s easy to assume the majority of these damages stem from complex cyberweapons constructed in a subterranean lair. However, the truth behind the statistics lie in the fact that the most effective attacks are painfully simple. An example of this is that 90% of effective breaches have a phishing element — cyber criminals disguising themselves as trustworthy entities in online communication to obtain sensitive information. Therefore, the first step an organization must take in creating a cyber resilient environment revolves around its ability to educate their staff on practicing good cyber hygiene at its most basic level.