October 20, 2020
We are now in October, and officially in the middle of National Cybersecurity Awareness Month. While cybersecurity should be at the forefront of everyone’s minds all year long, October in particular is a time designated for us to really take stock of our cybersecurity hygiene and practices.
Businesses in particular face significant financial loss when a cyber-attack occurs. Cybercriminals often rely on human error — such as failing to install software patches or clicking on malicious links — to gain access to systems. From the top leadership to the newest employee, cybersecurity requires the vigilance of everyone to keep data, customers and capital safe and secure. In order to support a culture of cybersecurity within your organization, today’s blog outlines what that means precisely according to CISA and what you should be doing to observe this time of year — and throughout the rest of the year as well.
Treat business information as personal information.
Business information typically includes a mix of personal and proprietary data. While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII) through tax forms and payroll accounts. Do not share PII with unknown parties or over unsecured networks.
Don’t make passwords easy to guess.
As “smart” or data-driven technology evolves, it is important to remember that security measures only work if used correctly by employees. Smart technology runs on data, meaning devices such as smartphones, laptop computers, wireless printers and other devices are constantly exchanging data to complete tasks. Take proper security precautions and ensure correct configuration to wireless devices in order to prevent data breaches.
Be up to date.
Keep your software updated to the latest version available. Maintain your security settings to keep your information safe by turning on automatic updates, so you don’t have to think about it. And set your security software to run regular scans.
Social media is part of the fraud toolset.
By searching Google and scanning your organization’s social media sites, cybercriminals can gather information about your partners and vendors, as well as human resources and financial departments. Employees should avoid oversharing on social media and should not conduct official business, exchange payment or share PII on social media platforms.
It only takes one time.
Data breaches do not typically happen when a cybercriminal has hacked into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt or instance of accidental exposure. Be wary of unusual sources, do not click on unknown links and delete suspicious messages immediately.
Ensure your organization is secure this month. Whether you need general cybersecurity consultation, CMMA or HIPAA assessment, Rimstorm is here to provide you with the tools and manpower required to fulfill your cybersecurity needs all year long.