10 Critical Information Security Tips to Follow Today

November 26, 2017 by in Security

It’s a brave new world out there today when it comes to cyber security.

More than 4,000 ransomware attacks happen every single day. There is a daily average of 1 million new malware threats and over three quarters of organizations have been the victim of or targeted by a phishing attack in 2016.

And all of these threats can end up costing your business tens of thousands in lost revenue. When you factor in the blow to your brand credibility, a sophisticated breach that’s poorly defended against may even cause the downfall of your entire company.

That’s why it’s critical that you take the necessary precautions to defend yourself against cyber-attacks each and every day. And these 10 tips will help you do just that.

1. Vary Up Your Logins

If there’s one thing and one thing only to take away from this list it’s that you should always vary up your login information. And never skimp on password complexity either – the more sophisticated the password, the harder it will be to break in.

In fact, according to a 2016 Verizon report a whopping 63% of confirmed data breaches involved leveraging weak, default or stolen passwords.

Take the extra time to follow a few best practices for passwords including putting in special characters, avoiding common words, and trying to make them at least 12 to 15 characters long.

2. Update Software Aggressively

The success of the May 2017 WannaCry Attack, which affected hundreds of thousands of computers across 150 different countries, has been linked back to a simple yet widespread problem – outdated software.

While it can certainly be inconvenient to put the task-at-hand on hold for a while, doing so allows software companies to fix bugs, glitches, and vulnerabilities, some of which may be critical to your system’s overall integrity.

So if you want to thwart cyber-attacks before they begin, update consistently and update frequently.

3. Avoid Clicking Links in Emails

Phishing attacks are becoming the new norm when it comes to email. About 60 to 70% of email is spam according to CSO online, much of which is made up of phishing attacks.

What’s more, an astounding 91% of cyber-attacks (whether malware, ransomware, or “malvertising”) actually start with a phishing email.

It’s critical, then, that you and your coworkers all stay well-aware of the risks of phishing attacks. Do not click email links from unfamiliar sources, be careful who you give your information to, and don’t login to an account through an email link, even if it’s from someone you believe is a trusted source.

4. Stack Your Cyber Security Defenses

Just like any other defense system, it helps to have a comprehensive and diverse suite of cyber security software at your disposal.

Rather than depending on a single trial-version anti-virus software to handle all of your protection needs, be proactive and adopt a variety of security solutions. A dedicated anti-malware software, an ironclad password manager, and basic measures like a secured Wi-Fi network are all integral parts of a well-structured cyber defense.

5. Use Two-Factor Authentication Whenever Possible

You may think that something as minor as just another question during your login isn’t enough to stop serious attackers but the truth is multi-factor authentication can be instrumental in your digital security.

Whether its adding a PIN number, a biometric like a fingerprint, or verification sent through a phone, multifactor authentication provides an added layer of security that can make any system harder to crack.

And given that an astounding 90% of employee passwords can be cracked in just under 6 hours, that one extra layer could be the one that stops a cyber-attack in its tracks.

6. Be Wary of Free-To-Use Software

Nothing in this world is free. And while running any antivirus is certainly better than no antivirus, it’s worth remembering that there are usually some strings attached to free-to-use software.

Your user behavior, buying preferences, or even highly personal data like your address and phone number may all be part of the price when it comes to free antivirus or antimalware software. What’s more, some may even be responsible for installing adware directly onto your system.

7. Ditch Java

More than just a highly popular programming language used in web-based gaming, Java is actually a critical component in many enterprise systems. However, this platform is increasingly coming under attack for being a hotbed of vulnerabilities.

In fact, a recent report found that running Java is actually the single biggest threat to cyber-security for US computers today. What’s more, almost half of all Java users aren’t even running the most up-to-date versions either, leading to an even more compromised system.

The takeaway here: drop Java and if you can’t, keep it updated.

8. Consider Yourself a Target

Gone are the days of only high-profile businesses being the target of hackers. Small businesses are increasingly becoming the ideal victims of cyber-attacks today.

A smaller IT budget, less complex defenses, simpler login credentials, and a general sense of “why would they target me?” are some of the main contributors to this growing trend. But when you acknowledge the fact that half of all small businesses were breached in 2016, it’s more important than ever to start beefing up your cyber defenses.

9. Be IoT Aware

Bluetooth toasters, remotely controlled refrigerators, and web-connected thermostats are just a few of the everyday devices that are introducing a new threat to the modern consumer. While the benefits that the Internet of Things (IoT) brings to daily life can be substantial, these devices can also pose a significant threat for individuals, businesses, and enterprises at large.

It’s important, then, that you pay extra special attention to keeping these devices updated, changing default login credentials, and incorporating device security protocols with regards to IoT products.

10. Back Up, Back Up, Back Up

And finally, back up your data. Do it frequently, and do it consistently. Given that incidents that resulted in data loss rose by 400% over the last two years, committing to a regular backup schedule is more important than ever.

Proven Tips for Improved Cyber Security

The digital landscape is more dangerous than it ever has been. With the increasingly complex and numerous attacks that evolve and adapt with each passing day, it falls to you to ensure your digital defenses are comprehensive and complete.

These 10 tips will help give you the security foundation you need to ward off attackers, stay productive, and maintain the confidentiality of both you and your customers.

One Comment
  1. electrode December 5, 2017 at 11:30 pm

    Hey! Тhis іs my first visit tо your blog! We are a group of
    volunteers and starting ɑ new proјect in a community in the same
    niche. Your blog provided us beneficial information to work on. You havе dⲟne a marvellous joƄ!

Comments are closed.

    IRC

    The First and Only Incident Response Community laser-focused on Incident Response, Security Operations and Remediation Processes concentrating on Best Practices, Playbooks, Runbooks and Product Connectors. In building the Community, the IRC is aimed to provide, design, share and contribute to the development of open source playbooks, runbooks and response plans for the industry community to use. These playbooks or recipes can be in the form of flowcharts, diagrams, sequences, scripts, orchestration platform playbooks and product integration connectors.

    Subscribe to receive updates from the

    Incident Response Consortium