Cybersecurity Awareness Month: What Inversion6’s experts have to say
Start strategizing today and see results by the 31st
All October long Inversion6 is showing their support for Cybersecurity Awareness Month. This is an initiative lead by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA). In efforts to raise cybersecurity awareness, Inversion6’s team wants to remind you of some strategies your team can implement today and execute everyday this October.
Chris Prewitt – CTO
-
Establish a culture of personal responsibility for security. Everyone needs to factor into the mix and participate. Security teams can’t monitor every employees' habits and tell them which emails are acceptable to open. IT doesn’t create data. Data creators and owners need to understand how their data is being protected and engage in the protection processes.
-
Businesspeople are not IT people. Your business leaders often don’t understand IT risks and vice versa. Business and IT higher-ups need to work together to build your security walls. We can’t protect everything the same.
Chris Clymer – CISO
-
If it sounds too good to be true, it probably is. Question unusual requests, regardless of who they appear to be coming from. Hackers could be asking to deviate from process, transfer money, or give up credentials. When in doubt, pick up the phone and call to confirm. Even if it means tracking down your CFO or President…they’ll be grateful you did.
-
Your company needs to build an army of human sensors. Technology is important but can never be 100% reliable. Bad guys know they will be more successful targeting the human element. Educate your employees and incentivize them to assess and report.
Jason Middaugh – CISO
-
Turn on MFA everywhere – for remote access to your corporate network, your personal bank account, everywhere. The additional level of security you receive by enabling MFA is exponentially more secure than username and password. While many companies now require MFA to access email, it is highly recommended that you do the same on your personals too.
-
Don’t use the same password for multiple accounts – and use a password manager. Hackers know that if they can obtain a username and password from a site with weak security, it can likely be used to bypass security on sites with high security like online banking. Using a Password manager (such as 1Password) ensures all your passwords are different and don’t get compromised.
Jack Nichelson – CISO
-
Recognize and Report Phishing - Phishing is a form of fraud where a scammer attempts to have you reveal personal, financial or confidential information by posing as a reputable entity in an electronic communication. Many scammers try to bait you by urging you to open an attachment. They can also add familiar logos and corporate phrases to inspire you to click a web link that appears official. If you think someone might have your information like your Social Security number or bank account log-in, go to IdentityTheft.gov.
-
Update Your Software - “If you installed it, update it.” Keeping the operating system current with the latest patches and applications is crucial to secure your computer and mobile devices. Bad guys are constantly attacking flaws in widely installed software products, such as Java, Adobe PDF Reader, and Chrome. These vendors release updates to fix security bugs monthly, so it’s important to keep the latest versions.
Craig Burland – CISO
-
Factor cyber risk into your decision-making processes alongside the other critical risk domains like operations, finance, or safety. Managing cyber risk can be a differentiator in the marketplace depending on your team’s response. If ignored your organization will suffer a negative impact. Sometimes the cheaper, or quicker, option can bring some unpleasant risks that will end up costing much more!
-
Make cybersecurity a formal requirement in every step; building, development, and execution. In today’s world, functionality and security must go hand-in-hand. Consumers expect that companies will take priority in keeping their information safe. When you incorporate cybersecurity requirements up-front – at the first meeting, on the first napkin -- alongside the newest, coolest feature, you meet expectations and keep the faith of your customer base.
Post Written By: Inversion6
