I’m often asked by family and friends what they should do to protect themselves from a cyber-attack, as well as what attacks they’re susceptible to. There are so many types of attacks out there: Distributed Denial of Service (DDoS), malware injection, ransomware, adware, phishing, spear-phishing, zero-day, etc. Social engineering continues to be successful in compromising systems. Preventing phishing (or spear-phishing), which is one method of social engineering, should be everyone’s number one priority. As noted in a cyber security article written in December 2016, “The government is still constantly inundated with cyber attacks and the weakest link is not the computers, but the humans using them.”

Security professionals talk about layered defenses, and the first line of people-based defense you should enable is two-factor authentication. That’s not the only defense you need to employ, but it should be at the top of the list. We cannot rely on people always making the right decisions based on the training they’ve had. We need to have people use the security tools that are available in order to minimize the effects of poor human decision-making on our systems. This starts with two-factor authentication, and then companies should add additional defenses to stay secure.

Here are the top ways to ensure your employees are keeping your company’s digital assets safe:

  • TWO-FACTOR AUTHENTICATION
  • PASSWORD PROTECTED CELL PHONES
  • SECURED CELLPHONE
  • PASSWORD MANAGEMENT
  • USING A VPN OVER WIFI
  • PROPER MANAGEMENT OF SECURITY SETTINGS


 


Written By Pat Byrne

Provides subject-matter-expertise regarding national security threats worldwide. Charged to challenge strategic and operational planning teams to think more critically and creatively about new systems, processes, and capabilities that allow them to counter emerging cyber and electromagnetic threats in the global security environment. Previously Chief of Staff for Command, Control, Communications, Computers and Intelligence (C4I) and NATO Information Assurance Technical Centre Director.