Cybersecurity awareness month

October is Cybersecurity Awareness Month, and although I try to make every day awareness day by posting content, I will add my 2 cents' worth.

If you have not noticed, cybercrime is rampant.

The work-from-home environment has increased the impact of ransomware: 2x, and in some countries 3x.

Awareness is key.


Awareness is difficult if we have the attitude that "it will not happen to me" or "I have nothing worth stealing".

There are simple strategies that can be deployed that will lift you from an easy target to a place where it is harder to compromise you.

Here are a couple of really basic ideas that are easy and cheap to implement.

Patch it all.

The bad guys rely on you not updating your software and operating systems.

Get on top of it by doing it regularly.

Set a date in your calendar that will remind you to update everything regularly.

Passwords, passcodes and passphrases

Your digital passport is your password.

Protect it as such.

Every site and service that you need to have access to on the internet has to have a password that is complex, unique and more than 10 characters (12 is better).

Too hard? Get a password manager.

In addition, use 2-factor or multi-factor authentication, and never give the generated codes to anyone else, ever.

Watch those macros

Macros are small programs usually associated with office documents and they add additional capability to them.

They are also highly utilized by the bad guys because that small program can compromise your system.

Never open attachments in email but, more importantly, if it is an office document, never allow macros to run, no matter how enticing they can be.

Do a backup

No, Office 365 and Google Apps are not a substitute for having another copy of YOUR information or data.

If it is digital, if it is important, if it is business-critical, you need a copy, preferably 3.

Always use the 3-2-1 rule of data recovery.

3 copies of all information, in 2 different locations, and one location has to be off-site and disconnected.

Once you have done that, do a regular check and restore often.

As it is awareness month, do some awareness training.

Get some as soon as possible.

Get some for all users and staff; yes, that includes you or the boss.

A good place to start is to do a search for “wizer security awareness training”.

These simple strategies will improve your security significantly.

They are cost-effective, easy to implement and in most cases take just a couple of minutes to implement.

An all-around win against the cybercriminal.

Roger Smith is an educator, teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not-for-profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course, which are considered to be the definitive guides to helping SMEs protect their organisation using the principles of Technology, Management, Adaptability and Compliance.