October is National Cyber Security Awareness Month, an annual campaign to raise awareness about cyber security, with 2016 marking its 13th year. If you’ve been following our posts, then you know that we place a great deal of importance on cyber security and strategic planning to mitigate cyber risk every month of the year. However, given the special occasion, now is the perfect time to rethink and enhance your personal and company security measures.
As part of National Cyber Security Awareness Month, the National Cyber Security Alliance (NCSA) has posted some helpful resources on StaySafeOnline.org including a page offering information on enhancing your login authentication: #LockDownURlogin. According to the White House, which has partnered with the NCSA, as many as 62% of successful data breaches may have been thwarted by the use of enhanced authentication methods. Strong authentication methods such as two-factor authentication, biometrics (fingerprints), and security keys will certainly reduce the risk of a breach where compromised (stolen or shared) passwords are concerned.
These enhanced authentication methods can be quite involved for enterprise networks and applications, but some commonly used personal apps such as Facebook, Twitter, Google and Instagram offer them as part of their security settings. Users should utilize them where possible to protect their information and privacy. Keep in mind – a breach of a personal account often leads to a breach of a company network due to users utilizing the same password for all online accounts … including business-related ones.
Here are several helpful tips related to online account passwords:
- Have unique passwords for all accounts;
- Use only strong passwords (a combination of upper and lowercase letters, numbers and special characters; minimum of eight characters);
- Utilize two-factor authentication or biometrics where possible;
- Never share your password with anyone;
- Do not send your password through email;
- Never leave your password on your desk.
Of course, password security is only a very small part of any organization’s cyber security plan. If you do only one thing to participate in National Cyber Security Awareness Month, developing a password security policy and sticking to it is a great place to start for both companies and individuals.
Additionally, NCSA has created a theme for each week to focus on a specific cyber security issue in the month of OCTOBER:
- 3-7: “STOP. THINK. CONNECT.”
- Outlines simple, everyday steps to online safety and security;
- 10-14: “Cyber from the Break Room to the Board Room”
- Provides tips for how to create a culture of cyber security in the workplace;
- 17-21: “Recognizing and Combating Cyber Crime”
- Offers insights and awareness of the different types of online crime, the steps people can take to better protect themselves, and addresses how law enforcement and others can collaborate to combat cyber crime;
- 24-28: “Our Continuously Connected Lives – What’s Your ‘App’-titude?”
- Examines the future in our connected world and provides strategies for security, safety and privacy;
- 31: “Building Resilience in Critical Infrastructure”
- Emphasizes the importance of critical infrastructure and highlights the roles the public can play in keeping it secure.
Click here to request more information or if you have any questions on managing your organization’s cyber risk.
