by Abby Berry, National Rural Electric Cooperative Association (NRECA)
In today’s digital world, cyberattacks are unfortunately nothing new.
Cyber criminals can attack on a multitude of levels, from large-scale attacks targeting corporations to smaller phishing attacks aimed to gain an individual’s personal information.
October is Cybersecurity Awareness Month, but good cyber hygiene should be practiced year-round. This year’s theme is, “See Yourself in Cyber,”—because we all have a part to play in cybersecurity. When we hear about massive data breaches, it can feel overwhelming and lead us to think we’re powerless as individuals to stop cyber criminals.
The truth is, there are several practical steps we can take to safeguard our devices and data. Here are four easy ways to boost your cyber hygiene:
1. Enable multi-factor authentication. Also known as two-step verification, multi-factor authentication adds a second step when logging into an account (to prove you’re really you), which greatly increases the security of the account.
This second step could include an extra PIN, answering an extra security question, a code received via email or a secure token. Regardless of the type of authentication, this additional step makes it twice as hard for cyber criminals to access your account. Not every account offers multi-factor authentication, but it’s becoming increasingly popular and should be utilized when available.
2. Use strong passwords and a password manager. Remember, passwords are the “keys” to your personal home online. Your passwords should always be long, unique, and complex. Create passwords using at least 12 characters, never reuse passwords for multiple accounts, and use a combination of upper- and lower-case letters, numbers, and special characters. If you have a lot of accounts, consider using a password manager to store them easily and securely in one place.
3. Update software. It may seem obvious, but regularly updating software is one of the easiest ways to keep your personal information secure.
Most companies provide automatic updates and will send reminders so you can easily install the update. If you’re not receiving automatic software updates, set a reminder to do so quarterly. Be aware that some cyber criminals will send fake updates; these typically appear as a pop-up window when visiting a website. Use good judgment and always think before you click.
4. Recognize and report phishing attacks. Don’t take the bait when cyber criminals go phishing. The signs of a phishing attack can be subtle, so take the extra time to thoroughly inspect emails. Most phishing emails include offers that are too good to be true, an urgent or alarming tone, misspellings and poorly-crafted language, ambiguous greetings, strange requests, or an email address that doesn’t match the company it’s coming from. Most platforms like Outlook, Gmail, and Mac Mail allow users to report phishing emails. If you suspect a phishing attempt, take an extra minute to report it.
Cyber criminals are here to stay, but when we all take a risk-based approach to our cyber behavior, we’re creating a safer internet for all. Visit www.staysafeonline.org for additional cybersecurity tips.