As we reflect back on the first week of National Cybersecurity Awareness Month, all of the major news, crazy tweets, and personal dilemmas, we need to remember why this month is important. Cybersecurity Awareness Month is promoted to gain visibility, understanding, and action for the common security flaws we experience every single day – from secure passwords to applying security patches. While most security professionals understand the scope, others may be naïve to the risks. Therefore, if you have not done anything yet for Cybersecurity Awareness Month, consider starting with these recommendations and make sure to teach your family, friends, and peers to do these on a regular basis:
- Change your email, domain, financial, and social media passwords. Make sure they are all unique and that no two passwords are the same. This helps stop the compromise of one password from being used on other websites and applications.
- Execute Windows Update or Apple Updates on your computers. Keeping your computer up to date for security patches is critical in stopping threats. If you do not have time to execute it manually, Microsoft and Apple allow you to set preferences so these will automatically be applied – a set it and forget it approach.
- Third party applications like Adobe Flash are notorious for allowing security breaches on assets. Just like Windows Update consider running their dedicated utilities to install the latest versions and security patches on a regular basis. In addition, just like operating system updates, these can be set to auto update as well keeping you safe and protected all the time.
- If you have an iPhone, Android Phone, Office365, iTunes, Google Music, or Amazon Prime, you probably have some form of included cloud storage service. One of the lowest hanging fruits to protect your data and precious photos is to use any one of these included (or free) cloud services to back up your information. In the event of a device theft, fire, or ransomware – cloud storage can provide a safe haven for the data and photos we can never replace.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three books: Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
