Hello! Welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints.
For this TomCast we are going to be discussing basic cybersecurity awareness. What does it mean to have basic cybersecurity awareness? For starters, it means to have knowledge or understanding related to the security of ones virtual or logical data, assets, and presence.
Just because you are aware of these things does not necessarily mean they are secure, mind you.
Knowing about and having an understanding of WHAT you are protecting, WHY you are protecting it, and WHO you are protecting it from.
Understanding paths of data travel and how to navigate through cyberspace on safer avenues.
How to learn about technology and how to modify ones habits to become more secure and cybersecurity aware.
Why does all of this security jargon matter? How does one become more cyber-aware? There is no one-way; read about it, listen about it, watch topics about it, learn about it, then apply that knowledge to your cyber presence. If you know someone that is well versed in technology, ask questions! Technology is ever changing, and the security aspects are as well.
Here is a real world example. I have a close friend that recently had their social media account hacked. The attacker changed the contact phone and the email address thereby preventing this friend of mine access to their account. Does that sound like a big deal, or just a mere inconvenience?
That all depends on how the account is being used and the data stored therein, but no matter the case, it needs to be treated like a big deal. This particular account was tied to a bank account for online purchases through the social media platform. Seems like the importance just went up about this issue, yes? Does the hacker now have access to the bank account? Quite possibly, if the financial institution has weak security controls surrounding verification of account holder information.
Details aside, the lesson here is that many (if not all) of these social media platforms offer tighter security controls through methods like TFA (two-factor authentication), MFA (multifactor authentication) and other identity verification methods. The platforms may not ADVERTISE them, but if you dig into security settings, they are there. Why wouldn’t more people use them? Well, besides lack of knowledge of the controls being there, some people think it’s added time, a pain to have to go through all of these hoops, etc.
Which is more painful, taking an additional 5-10 seconds to input a code from an identity verifier, or to have your account locked out with someone else accessing your information? This is all part of cybersecurity awareness. As we stated in an earlier TomCast regarding people-centric security, if more people were cyber aware, then the human error-related compromises and breaches would drop significantly (which account for the highest percentage of security-related incidents in cyberspace).
So, do your due diligence in becoming more cybersecurity aware. Be inquisitive, ask questions, learn about the platforms you use online to become more knowledgeable about the security aspects and how to keep your data, assets, and presence more secure. The more you do it, the more routine it becomes.
We here at GuardSight thank you for taking the time to listen to this TomCast. Please share this if you believe it would be of assistance to anyone in your contact list, and please provide us some feedback in the comments so we can continue to improve. Thanks!