Cybersecurity awareness helps individuals protect themselves online as threats to technology and confidential data become more commonplace. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally.

Multifactor Authentication

The National Institute of Standards and Technology (NIST) defines multifactor authentication as an authentication system that requires more than one distinct authentication factor for successful authentication. Multifactor authentication can be performed using a multifactor authenticator or by a combination of authenticators that provide different factors. The three authentication factors are something you know, something you have, and something you are.

Learn More

Multi-Factor Authentication – National Cybersecurity Alliance
Multi-Factor Authentication | CISA
Authentication: What is Multi-Factor? > SBS CyberSecurity
Security Awareness Episode 1: Passwords

Why Passwords?

Passwords are an important layer of security designed to protect your digital identity both in a professional and personal world. When combined with a username, a password uniquely identifies “you” and has been the most used mechanism for authenticating to networks, applications, and devices. Passwords have grown in both length and complexity since first being implemented. Advances in computing technology allow passwords previously thought to be complex to be broken within a shorter timeframe. To counter the onslaught of computing power available to attackers, we must discuss the evolution of the password as a reliable authentication method, and what we can do to reduce the risk of unauthorized access to our systems.

Federal Trade Commission’s (FTC) Password Checklist

The FTC recommends the following to keep your password secure:
• Make your password long and strong. Consider using a passphrase.
• Don’t reuse passwords you’ve used on other accounts.
• Use multi-factor authentication when it’s an option.
• Consider a password manager.
• Pick security questions only you know the answer to.
• Change passwords quickly if there’s a breach.

Learn More

PasswordTips.pdf
Cybersecurity Awareness Month 2021 – Creating Passwords Tip Sheet
Are Your Passwords in the Green?
Jimmy Kimmel Live on Instagram: “OMG CHANGE YOUR PASSWORD!”
The Password is Dead; Long Live the Password > SBS CyberSecurity
Password Checklist | Consumer Advice

Cybercrime

Many organizations have been developed to help fight cybercrime such as Cybercrime Support Network (CSN). CSN is a nonprofit organization created to meet the challenges facing individuals and small businesses affected by cybercrime. The web page referenced below lists common cybercrimes such as financial purchase scams, imposter scams, hacked devices and accounts, harassment, identity theft, and business scams.

Update Your Software

One of the easiest ways to keep information secure is to keep software and apps updated. Updates fix general software problems and provide new security patches where criminals might get in. Step away from the “remind me later” button to stay one step ahead of cybercriminals.

Did you know?

• Nearly a third (31%) of US/UK respondents say they either “sometimes,” “rarely,” or “never” install software updates. (NCA)
• 68% of the participants reported installing the latest updates and software as soon as these are available. (NCA)
• Just 20% of Android devices use the latest and safest OS version. (Symantec)

Quick Tips to Share:

• Turn on automatic updates on all your devices. Set it and forget it!
• Stop clicking “Remind me later.” Don’t hesitate to update!
• Keep it clean. Keep a clean machine with current updates, web browser, and operating system.
• Delete when done. Uninstall any apps you no longer use.

Importance of Software Updates

Bad actors continually search for vulnerabilities on systems. For a lot of people, it is hard to envision the volume of cyber threats occurring on a daily basis. The following websites illustrate attacks in real-time:
• FireEye Cyber Threat Map
• Live Cyber Threat Map | Check Point
• Fortinet Threat Map
• Bitdefender Threat Map
• MAP | Kaspersky Cyberthreat real-time map

Learn More

Security Patch Overload | SBS CyberSecurity
Software Updates – National Cybersecurity Alliance
Cybersecurity Awareness: Patch Management | HIPAAtrek
Security Awareness Episode 8: Wi-Fi – YouTube
Scams – Fightcybercrime.org

The Golden Rule of Email

Although phishing has been a problem for years, phishing emails have increased by an estimated 600% over the past two years. Setting a record number of cyber-attacks in that time, phishing continues to be a go-to source for hackers.

Because of the mass number of phishing emails targeting victims every day, it is more important now than ever to remember The Golden Rule of Email. This modern version of the well-known principle is to treat every email as if it’s a phishing attempt.

There are three steps to implementing The Golden Rule of Email concept in any organization:

1. Introduce and apply the concept company-wide.
2. Build phishing awareness skills.
3. Take accountability.

Investigating Emails

Do you know the three Ws you should consider when reviewing a suspicious email?

Who?
– Do I know the sender?
– Is this someone I usually communicate with?
– Is the email sent to an unusual group of people?

What?
– What action does the sender want you to take?
– Does the email contain bad grammar, odd styling, or typos?
– Is the email written in a style consistent with the sender?

Why?
– Why do they want you to click on a link or an attachment?
– Are they presenting a sense of urgency?
– Is there a consequence if you do not act immediately?

Learn More

Free Posters and Infographic Downloads | SBS CyberSecurity
TEN TIPS TO AVOID A PHISHING ATTACK > SBS CyberSecurity
Security Awareness: Episode 4 – Phishing and Ransomware – National Cybersecurity Alliance
The Golden Rule of Email | SBS CyberSecurity
InvestigatingEmail (sbscyber.com)