As we reflect back on the first week of National Cybersecurity Awareness Month, all of the major news, crazy tweets, and personal dilemmas, we need to remember why this month is important. Cybersecurity Awareness Month is promoted to gain visibility, understanding, and action for the common security flaws we experience every single day – from secure passwords to applying security patches. While most security professionals understand the scope, others may be naïve to the risks. Therefore, if you have not done anything yet for Cybersecurity Awareness Month, consider starting with these recommendations and make sure to teach your family, friends, and peers to do these on a regular basis:
- Change your email, domain, financial, and social media passwords. Make sure they are all unique and that no two passwords are the same. This helps stop the compromise of one password from being used on other websites and applications.
- Execute Windows Update or Apple Updates on your computers. Keeping your computer up to date for security patches is critical in stopping threats. If you do not have time to execute it manually, Microsoft and Apple allow you to set preferences so these will automatically be applied – a set it and forget it approach.
- Third party applications like Adobe Flash are notorious for allowing security breaches on assets. Just like Windows Update consider running their dedicated utilities to install the latest versions and security patches on a regular basis. In addition, just like operating system updates, these can be set to auto update as well keeping you safe and protected all the time.
- If you have an iPhone, Android Phone, Office365, iTunes, Google Music, or Amazon Prime, you probably have some form of included cloud storage service. One of the lowest hanging fruits to protect your data and precious photos is to use any one of these included (or free) cloud services to back up your information. In the event of a device theft, fire, or ransomware – cloud storage can provide a safe haven for the data and photos we can never replace.
Morey J. Haber, Chief Technology Officer and Chief Information Security Officer at BeyondTrust
Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.