It is vital to protect your internet-connected devices by keeping your software current with the latest security updates. To help keep your devices safe:
- Set up automatic updates to make the process smoother and decrease the risk from ransomware and malware.
- Carefully check privacy and security settings to ensure they’re set to your desired level of information-sharing any time you sign up for a new account, download an app, or acquire a new device.
Passwordless is the key
Hackers don’t break in — they sign in. So a good way to protect one of the attacker’s most common entry points is by going passwordless with authentication solutions. For when passwords are needed, there are a few steps you can take to be safer:
- Use your browser’s password generator to create stronger passwords.
- Length — at least 12 characters — matters more than complexity, and a password manager can help you keep track.
Multifactor authentication is a must-have
Multifactor authentication can protect 99.9% of the attacks in your accounts by offering stronger security than relying solely on passwords. Check your devices, apps, and account settings to enable multifactor authentication, such as two-step authentication or biometrics.
Phishing only works if you take the bait
One hour and 12 minutes is the average time for an attacker to access your private data if you fall victim to a phishing email.[i] Complacency can lead to clicking on a malicious link in an email, phone message, or social post. So, how can we avoid taking the bait?
- Check the sender’s email address for verifiable contact information and phishing tip-offs such as an unrelated sender address. If in doubt for any reason, do not reply.
- Don’t click on links or open email attachments unless you have verified the sender.
- Check out the Gone Phishing Tournament, where Microsoft partners with Terranova Security in an interactive way you can test your organisation’s phishing resilience.
Security is important for every customer size
While following security best practices goes a long way toward keeping your employees, customers, and data safe, iSSC and Microsoft know this effort takes a village and should permeate organisations of all sizes. Small and medium businesses face an even more challenging landscape — increasing cyberthreats, along with a lack of sophisticated security solutions and limited security staff, making them particularly vulnerable. In 2021, for example, 82% of ransomware attacks targeted small businesses, with the total cost of these cybercrimes reaching USD2.4 billion.[ii]
Celebrate cybersecurity awareness all year round
Cybersecurity Awareness Month holds special significance globally as it brings together industry, academia, and government with a united mission to keep our users safe. However, it is vital that we implement cybersecurity awareness and education all year round.
Cybersecurity Awareness Month is more than an opportunity to refresh your cybersecurity savvy and learn new security skills. It’s a reminder of how collectively we can achieve more and make the world a safer place. Happy Cybersecurity Awareness Month!
Chat to the iSSC team about creating a resilient cybersecurity strategy <link to contacts page>
[i] New Windows 11 security features are designed for hybrid work, David Weston. September 20, 2022.
[ii] FBI Releases the Internet Crime Complaint Center 2021 Internet Crime Report, FBI. March 22, 2022.
