Strategies to Minimize Risks Associated with the Most Common Cybersecurity Threats
Even the most tech-savvy among us can feel like a babe in the woods when it comes to protecting a home or business network from cybersecurity threats. When I explain to clients the steps they need to take to transform their home or business into a well-defended digital fortress, I often compare cybercrime to the physical security industry. I explain that their home or business now has digital windows and doors to protect as well.
When appraising a building for a security system, it’s all about understanding the Crime Prevention Triangle, made up of Skill, Desire, and Opportunity on each side. The only element that you can control is Opportunity, by deterring bad behavior (snapping off the bottom of the triangle). In other words, don’t become a victim.
Because good physical security is all about eliminating opportunity, cybersecurity should be no different. However, instead of only having to worry about bad actors who threaten a home or business, you are exposed to millions of potential criminals online. Build a high enough fence to deter skilled criminals, and you will drive down the risk of a cybersecurity incident. Here are some of the most common cybersecurity issues and strategies to minimize risk:
Plain and simple, malware is software intended to damage or disable computers and computer systems. Examples include viruses or the infamous ransomware screens demanding bitcoin to regain control of your computer.
Watch for an industry shift from protecting computers or other endpoints like tablets and phones to router-based firewalls that reject suspicious traffic before it gets on the network. Thanks to machine learning and artificial intelligence, we have come a long way since the days of cybersecurity software crying wolf every 30 seconds. Previous attempts at these systems were so annoying that most users disabled them, rendering them useless. Newer hardware-based solutions from companies like Firewalla, Cujo, and Norton promise to head the bad guys off at the pass.
Keep in mind that these products are still in their very early days and a clear winner hasn’t emerged. If you like to play with technology and don’t mind a few headaches, one of these systems will be fun to test out. No matter what you decide, make sure to focus on backing up your data automatically on a daily basis, and following the 3-2-1 Rule:
- Have at least three independent copies
of your data
- Store the copies on two different types
of media (hard drive or SD card)
- Keep one backup copy off site
(using a service like Carbonite).
Pitfalls to Avoid
Many customer reviews complain about third-party firewall hardware products slowing down network traffic. Make sure to demand the following features in any third-party router or firewall that you install: parental controls, content filtering, cybersecurity, app-based control, and easy sharing of network passwords. Check to make sure that your internet service provider is compatible with any hardware that you’re considering.
Debit or Credit Card Fraud
Criminals obtain credit or debit card information most commonly by phishing (sending emails or messages under false pretenses pretending to be the bank). Most often, card fraud takes place through deceiving the victim (low tech) versus truly hacking into accounts. These types of attacks are especially common in the workplace.
Use two-factor authentication whenever possible. This usually means getting a one-time code from a financial institution before approving a transaction. Using payment solutions like Apple Pay, which issues a temporary card number for each transaction, will render any stolen numbers useless. Apple, Android, and Microsoft all offer secure storage of credit card data through their web browsers. Use common sense to avoid most credit card fraud issues and take solace in the knowledge that in most cases consumers aren’t liable for unauthorized charges.
Pitfalls to Avoid
Look before you leap. By slowing down and questioning whether or not the merchant is legitimate, you will save a lot of headaches. If it feels wrong, it is probably a scam. Listen to your gut.
Data Breaches and Compromised Passwords
An incident where information is stolen or taken from a system without the knowledge or authorization of the system’s owner. This could include unauthorized email or social media access.
Much like credit card fraud and malware, most data breaches can be avoided by practicing good security habits like creating complex passwords consisting of at least six characters (and the more characters, the stronger the password) combining letters, numbers and symbols (@, #, $, %, etc.), if allowed. This one is tough to practice in day-to-day life without a password manager like those found embedded in Mac- or Windows-based operating systems. Many of these password generators will offer to create and store complex passwords for you, which comes in handy if you don’t have a knack for memorizing 23-character strings of gobbledygook!
Pitfalls to Avoid
Stop making it easy for the bad guys! Don’t use birthdays or easy-to-guess passwords. It’s annoying to create complex passwords, but it’s one more brick in the wall of a cybersecurity defense strategy that will pay off in the long run. You’re only as strong as your weakest link.
Internet of Things (IoT) Device Vulnerabilities
Internet-connected electronics like voice assistants, lighting controls, smart speakers, and thermostats can ship with known and undiscovered vulnerabilities. Criminals exploit these weaknesses to seize control of a network, leading to cybercrimes such as credit card fraud and identity theft.
Learn from the Trojans! Don’t install any new electronics without checking with resources like the Consumer Technology Association’s (CTA) Recommended Best Practices for Securing Home Systems or products like BitDefender’s Smart Home Scanner, which scan networks in real time, delivering back results highlighting known device issues.
Pitfalls to Avoid
Anything connecting to the internet can undo all the good that you have done building your cyber defenses. Products that commonly slip by include children’s toys and gifts around the holiday season (nanny cameras and baby monitors are commonly exploited). Perform periodic audits to make sure you haven’t unwittingly allowed in any weak backdoor exploits. Be wary of Bring Your Own Device (BYOD) policies at work that can allow in infected gear.
By minimizing opportunity for cybercriminals, you are well on the way to driving down your network vulnerabilities. There’s no such thing as a bulletproof installation, but all you have to do is make your space less appealing than your digital neighbors to avoid most issues.