Are you like me, wondering how to keep your company and, more importantly, yourself safe in this crazy new world of cyber exploitation? All of us have the potential to be exploited by a bad actor on the internet; from social media, personal devices, down to your own home wifi, there’s an area of vulnerability. Not to make you paranoid, but in the first half of 2019, there were 3.2 billion records exposed in only 8 breaches. Odds are, you or someone you know felt the impact. This is why we’re all responsible for making sure that we, our families, and our institutions are prepared for a cybersecurity crisis.
Earlier this week our own @Ryan Black wrote a great blog on 5 key tips to help train security teams on how to handle a cybersecurity crisis. But what about the rest of us? It got me thinking: how can all of us apply his tips to our own daily lives as we interact with technology both in and out of the work environment?
Here’s my take:
1. Train yourself as if you were a firefighter.
- Practice your company's security and data hygiene protocols, and your personal data hygiene, until they're muscle memory. In other words: change your passwords, use a VPN, and learn how to identify a phishing email on sight.
- Think twice about connecting to free wifi, whether you're accessing your company's email or other systems or just browsing in general. You wouldn’t take free candy from a stranger; let’s not trust a stranger's wifi with confidential information.
2. Know where your (data) logs are.
- Have open and clear communication around 3rd party vendor data compliance (where, how, and who has access to your data).
- Does the vendor you fired a month ago still have access to the CRM/ERP/company email, etc.? Could you trace your customer's data back to its source?
- What about those 3rd party apps on your personal phone: did you read those Terms & Services Agreements?
3. Don’t let the glitter from “shiny object syndrome” blind you to your organization’s vulnerabilities.
- “At a minimum, conduct an annual review to ensure that your technologies are still working as they should be. Do the tools need policy updates?” - Ryan Black
- Is that fancy sales tool that is boosting revenue still up to date on its data policies? Did you remember to delete those mail merge CSVs from 3 months ago?
- Does the new gaming system you bought your kids for the holidays protect them online?
4. Cultivate your ability to turn lemons into lemonade.
- We're all human and we all make mistakes; mistakes are learning opportunities for the future. Accidentally get malware on your system? No worries, don’t download the suspicious attachment next time.
- Are your grandparents sympathetic to the Nigerian prince who needs their help with a lump sum of $39,000,000? That’s a great opportunity to teach them about fraud schemes and how to avoid them in the future.
5. Most importantly, make security awareness a fundamental part of your personal and organizational security culture.
- “The more your employees across divisions and business units can collaborate in the service of overall security, the more resilient your organizational culture will become.” - Ryan Black
- Be the partner your customers trust for more than your offering; it'll pay off, literally.
- Share your security best practices with your family over the holidays; they’re worth protecting.
If you’re interested in learning more about personal cybersecurity awareness, staying up to date on the latest breaches, or want to hear some cool cybersecurity war stories, check out these resources:
Alexa Rzasa is a Campaign Manager at Respond Software. She is focused on collaborating with the internal expertise at Respond to deliver the best perspective of the Respond Analyst’s value to cybersecurity professionals. Prior to Respond Software, Alexa built and managed sales development programs across the hospitality, IT, and Healthcare industries.