A few years back, one of my daughters who was 8 at the time, while playing an online game was hit with a malware pop up. One of those congratulations – you have won “something too good to be true” messages. The offer was more than her 8-year-old experience could refute – the prize was an iPad – all she had to do was fill out some info so they could ship it to her.
A couple of days after her clandestine form filling event took place, she asked me to be on the lookout for a new iPad she was being sent. I tried to gently bring her down to reality but there was no hearing it – she was getting a new iPad. For the next 6 years we receive credit card offers, shopping deals, timeshare opportunities, raffles, college solicitations, and other prize fun.
Our families are being fished hard. As soon as they start using connected devices, they are a target. If they are connected, you need to be communicating with them, educating them about proper usage.
This month is National Cyber-security Awareness Month. The National Initiative for cyber-security careers and studies (NICCS) website has some good basic information to share because the site is not just focused on business but consumers and citizen privacy as well. I know you have people at home that use technology and probably need help as to what risks are present and how to spot them. We all need to raise our education level.
The site has some simple info-graphics that area a great starting point as they are not too technical, perfect for a conversation for your family. I strongly encourage this to be a topic around the dinner table – these cyber situations warrant our focus. We all need to remember that each internet-enabled device is a point of risk. You need to keep track of them just like a business needs to keep track of all your connected assets (and or liabilities).
Note – If you are unfamiliar with the term social media bots, they have a good overview of that technology and some of its impact on our social media world.
Is texting secure? Many companies now send us access codes via text for us to confirm we are who we say we are. While this is an improvement from single-factor authentication (entering a single password to get it). You need to understand that the network (SMS) that text messages are sent on is not secure. SMS is not encrypted and is susceptible to hacking. Yes those “confirmation codes” can be hacked. To be safe you will need an encrypted and controlled platform. An application, like MS Authenticator, Google authenticator, and Cisco DUO are examples of secured applications. These applications are installed on your phone and then send controlled/encrypted codes to you that cannot be hacked.
Action – do you use any applications/web resources/banks that send you texts to confirm it is you? If so you need to look for more secure options. Contact the provider and ask them for a confirmation process that does not use public SMS/texting.
64% of companies are making cyber-security a high priority – What are you doing and what are you measuring to confirm you are truly improving?
Would you commit to losing weight without weighing yourself to see progress? So many technical initiatives spend money but then do not have measurement systems in place to make sure they are getting results. We can help – Let’s talk about security risk assessments and vulnerability scans.
Action – what are you doing in 2020 to improve and measure that improvement?
Till next month stay safe,