“The chains of habit are too weak to be felt until they are too strong to be broken.” – Samuel Johnson
As we all know, in life, there are good habits and bad habits. I am not here to discuss the bad ones; we all know what they are…but forming good habits can be a really important thing to do when fighting modern cybersecurity threats.
A habit is a type of behaviour. As such, by creating a habit you are developing a behaviour that will, over time, become second nature. And positive habits can be a weapon against cybercrime. Cybercriminals also use human traits and habits to facilitate cybercrime; the types of habits they use include things such as creating a poor password. In a National Cyber Security Centre (NCSC) survey into the most common passwords, the top was“123456”.
To create “strong chains of habit”, we offer up 5 top security habits to form.
Top Cybersecurity Habits to Form
Here are our top 5 security habits that will help you to protect yourself and your business from cybersecurity attacks.
Habit One: Practise good passwords
You may not have as bad a habit as using 123456 for your password, however, here are some good tips to use to give you good password habits:
- Do not share passwords with others (no matter how much you like them)
- Do not write passwords down on paper – if you do, place the paper in a safe, lockable place.
- Do not use the same password for multiple accounts
- Create passwords using 3 or more random words
- As an option, look at using a password manager to manage your passwords
Habit two: Patch in time
Software flaws (vulnerabilities) are exploited by cybercriminals to infect computers and other devices with malware. Sometimes this infection happens without you even being aware. In this case, you will likely have been the victim of a ‘drive-by-download’ which is where a website that contains an ‘exploit kit’ is used to look for software vulnerabilities on your machine. If the exploit kit finds one, it takes advantage of the flaw and automatically installs or prepares to install, malware. Recently, this tactic was used when a vulnerability was discovered in Internet Explorer. The malware installed was a form of ransomware.
To minimise the risk of infection by this method, always keep your computers and other devices, including IoT devices, up to date with the latest updates and patches.
– Engage your staff with scenario-based security awareness training or “In-the-Moment” training.
Habit three: Know your security
Cybercriminals are always looking for new ways to commit cybercrime. Phishing tactics, for example, are continuously being updated to reflect any new changes in technology. It is as if the cybercriminals are always one step ahead. Phishing is such a big business that there are now ‘phishing kits’ that automate the process of phishing so that anyone can now send out phishing campaigns and rake in the money.
Get into the habit of keeping up to date with the latest in cybersecurity fraudster tricks. You can do this by personally taking an interest in the area and reading scam warnings from The Defence Works regular “Breaking Scams” posts. You can also build a good habit by using fun, interactive, online training in security awareness from The Defence Works to keep you ahead of the fraudsters.
Habit four: Be Mobile “Appy”
Many of us have a habit of downloading mobile phone apps. It is so easy to go to the app store, find something interesting, then click to download and install. In fact, it is almost too easy…Fraudsters know this, and there are many cybercrimes that begin with a malicious app download. A report from WhiteOps found that over 100 Android apps with 4.5 million downloads were infected with malware that delivered non-stop fraudulent ads to a phone. Malicious apps can be used to steal personal data and login credentials too. It is important to stop the bad habit of downloading free apps and form good app habits:
- Only download mobile apps from known app stores
- Check app settings and disable any that seem unneeded
- Be careful about using free apps and read the comments and reviews on the app
- Double check any permission requests during install or use of an app
- Turn off any automatic connection for wireless services
Habit five: Back it up
A good habit to form is to keep secure backups of your files. Ransomware continues unabated increasing by 365% between Q2 2018 and Q2 2019. One way to minimise the impact of a ransomware attack is to have robust, secure, and ransomware-resistant backups. The key to this is to maintain offline backups, as the NCSC states “only connecting the backup to live systems when absolutely necessary”
Creating good security habits is a great way to turn everyday computing-related behaviour into something that can prevent a cyber-attack. By knowing what kind of behaviour works to stop a cyber-threat, you can create a more secure working environment for yourself and your colleagues.
Interested in learning more about how security awareness training can help your organisation? Sign up for a free demo of the world’s most interactive security awareness training.
Subscribe to the Proofpoint Blog