If you think cybersecurity is something that happens to other people and doesn’t affect you, think again.
By Doctor Mafuwafuwane, acting practice lead: enterprise security solution at Altron Systems Integration
Ask anyone who tried to buy electricity from City Power in Johannesburg when it was hit by a ransomware attack last year. When cyber criminals attack companies, the resulting downtime (and, in the worst case scenario, going out of business) impacts customers as well as employees and their families.
But that is only the start. Think about how much information your employer has about you. They need this information for good reasons, like paying your salary. But if your personal identification information such as tax details, ID number, address and next of kin were to be released in a breach, criminals could use this to impersonate you, or to scam you.
There’s no doubt that cybersecurity is personal. And that cybersecurity is for everyone. And if this year’s massive increase in cybercrime has taught us anything, it’s that the fight against cybercrime is ongoing and evolving: criminals are organised, sophisticated, motivated by profit and show no mercy in their exploitation of any new opportunity or vulnerability.
Consider how criminals took advantage of the loopholes created by the rapid shift to remote at the start of lockdown, which undoubtedly left companies very little time to ensure the full ICT chain was in place to keep people, data and systems safe. Criminals also preyed on people’s anxiety and desperation during the pandemic to get them to click email links that led to phishing scams.
Cybersecurity is an ongoing journey and is dependent on several basic cyber hygiene principles. If you get these basics right, you are well on your way to staying cyber-safe at work and at home. If you neglect these, it doesn’t matter how sophisticated and advanced your cyber security strategy is, you will always be vulnerable to attack.
The top three cybersecurity essentials:
* Use strong passwords or, even better, a password manager so you don’t need to remember the passwords. Then, back this up with an additional layer of security. Add two-factor authentication so you will still be protected even if your passwords are hacked.
* Make sure all your operating systems and software are up to date. Yes, those updates can be annoying but rather spend a few minutes today making sure you have the most secure version of your software installed, than be locked out of your machine or let malware onto your company network tomorrow when you are hacked.
* Double check every link you click, and remember, there is no such thing as a free lunch. If it sounds too good to be true, it probably is. Phishing is still the number one way for criminals to launch attacks, and back in 2019 in pre-pandemic days, email authenticator Valimail reported there were a whopping 3,4-billion fake emails sent every day.
These cybersecurity hygiene basics need to be baked into the fabric of every one of our daily lives, whether at work, or at home, or working from home. From there, you can start layering tools and more sophisticated cybersecurity roadmaps to continue your cybersecurity journey. Because every company is different, with different risk profiles and requirements, they each need to define and design their unique cybersecurity plan.