By Russ Munisteri, CISSP
Not too long ago, my mother came to me about a friend who received a call from someone claiming to be from Amazon support. They convinced her friend to purchase gift cards and to provide the gift card codes to obtain money. It took weeks to sort out the mess and to try to get some of the money back.
On another occasion, a colleague of mine clicked on a phishing link that looked like it was from our IT department. It took hours to secure his account and ensure no data was compromised.
Now imagine you’re sipping your morning coffee and checking your email when you see a message that looks like it’s from your bank. It asks you to verify your account details. What do you do?
These are all common tactics used by hackers. While it may not occur to you while scrolling through your favorite social media feed to suddenly wonder, “How safe is my personal information,” cyberattacks are on the rise, and no one is immune. Let’s dive into the world of cybersecurity together and uncover some simple yet effective ways to protect yourself online.
Cybersecurity might sound like a tech-heavy buzzword, but it’s something that affects all of us. From our smartphones to our smart homes, we’re more connected than ever. But with this convenience comes risks.
Cybersecurity is all about keeping our devices, data, and online activities safe from hackers and other threats. Think of it like locking your doors at night. You wouldn’t leave your front door wide open, so why leave your digital life unprotected? It’s important for everyone, especially if you want to protect your family’s personal information, secure workplace data, and create a safer digital environment both at home and at work.
SCARY STATISTICS
Based on the Federal Trade Commission’s Consumer Sentinel Network Data Book 2023, there were:
5.5 million reports in total of fraud in 2023
$10.4 billion lost through fraud
44% of people aged 20-29 reported losing money to fraud
25% of people aged 70-79 reported losing money to fraud
Identity theft is the #1 crime reported by the FTC
These statistics highlight the widespread impact of fraud across different age groups. It’s a stark reminder of how prevalent and damaging these frauds can be, especially for younger individuals.
Before exploring the details of digital security, take a moment to reflect on your own digital habits. Are you confident that your online activities are secure, or do you sometimes wonder if you’re doing enough to protect yourself?
Here are some basic guidelines that you can follow now to protect your information.
MAINTAINING DIGITAL SECURITY AT HOME
Begin with updating and protecting your devices — PCs, phones, tablets, etc. Operating systems, applications, and web browsers should always be up to date. Follow these steps regularly to check for updates on your computer or mobile device:
For Windows, go to “Settings” > “Update & Security” > “Windows Update” and click “Check for updates.”
For macOS, open “System Preferences” > “Software Update” and look for available updates. For applications, enable auto-updates if available, or check the app store for updates.
For web browsers like Chrome, Firefox, or Safari, go to the “About” section and see if an update is available.
Use security software. Install reputable antivirus and anti-malware software on all devices. Regularly update these programs to protect against new threats.
Secure Your Home Network:
Modify the default username and password for your router to something unique. Many routers come with default credentials that are widely known. For example, change a default of “admin” for the username and password to something more difficult to guess, such as GreenTea2025 for the username and Fly!ngD0lphin#84 for the password.
With Wi-Fi networks, use WPA3 encryption, which offers stronger protection than older standards such as WEP or WPA2. To check if you’re using WPA2 or WPA3 on your Wi-Fi network, follow these steps:
Open the settings menu on your device.
Navigate to the Wi-Fi or Network settings.
Select your connected Wi-Fi network.
Look for the security type or encryption type in the network details. It will indicate whether you’re using WPA2 or WPA3.
Invest in a VPN (Virtual Private Network) to ensure your confidential information is encrypted over the internet. This makes it more difficult for hackers to intercept your data when using public Wi-Fi networks. VPNs generally cost between $5 and $15 per month, with many providers offering discounted rates for annual subscriptions. You can find VPN services from reputable providers like ProtonVPN, NordVPN, and TunnelBear VPN.
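For readers comfortable with a command line, the Wi-Fi security check in the steps above can also be scripted. This is an added example, not part of the original article: it reads text in the style of the Windows command `netsh wlan show interfaces`, the sample text is constructed, and the verdict wording is an assumption of this example.

```python
# Constructed sample in the style of "netsh wlan show interfaces" (Windows).
SAMPLE = """\
    Name                   : Wi-Fi
    State                  : connected
    SSID                   : HomeNet
    BSSID                  : 00:11:22:33:44:55
    Authentication         : WPA2-Personal
    Cipher                 : CCMP

    Name                   : Wi-Fi 2
    State                  : disconnected
"""

# Checked in order, so "WPA3" and "WPA2" match before the plain "WPA" entry.
VERDICTS = [("WPA3", "ok"), ("WPA2", "upgrade to WPA3 if supported"),
            ("WPA", "replace"), ("WEP", "replace"), ("OPEN", "unencrypted")]

def parse_interfaces(text):
    """Split the output into one dict of 'key : value' fields per adapter."""
    interfaces, current = [], None
    for line in text.splitlines():
        key, sep, value = line.partition(":")  # first colon only; MACs stay whole
        if not sep:
            continue
        key, value = key.strip(), value.strip()
        if key == "Name":                      # each adapter section starts here
            current = {}
            interfaces.append(current)
        if current is not None:
            current[key] = value
    return interfaces

def rate(authentication, cipher=""):
    """Map the reported security type to a verdict."""
    if cipher.upper().startswith("WEP"):       # assumption: WEP can appear as the cipher
        return "replace"
    for prefix, verdict in VERDICTS:
        if authentication.upper().startswith(prefix):
            return verdict
    return "unknown"

def audit(text):
    """Return {SSID: (security type, verdict)} for connected adapters only."""
    report = {}
    for iface in parse_interfaces(text):
        if iface.get("State") != "connected":
            continue
        auth = iface.get("Authentication", "")
        report[iface.get("SSID", "?")] = (auth, rate(auth, iface.get("Cipher", "")))
    return report

if __name__ == "__main__":
    print(audit(SAMPLE))
```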
Practice Safe Online Behavior:
Phishing attacks often come in the form of emails that appear legitimate. Avoid clicking on suspicious links or downloading attachments from unknown sources. For my colleague who clicked a phishing link that looked like it came from our IT department, we enabled multi-factor authentication and reset his passwords to strong, unique ones to prevent future unauthorized access.
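When entering sensitive information online (like credit card details when shopping), look closely at the website URL. It should begin with “https” and display a padlock icon in the address bar, which means your connection to the site is encrypted. Also confirm that the domain name is the one you expect, because phishing sites can use https and show a padlock too.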
Be mindful of what you share on social media platforms. Limit personal information that could be used against you in identity theft or social engineering attacks. Social engineering involves tricking people into revealing confidential information. For example, a hacker might use details from your social media profile to guess security questions and gain access to your accounts. This differs from identity theft, which involves someone stealing your personal information and using it to commit fraud.
Limit Location Sharing. Location sharing is used by apps and devices to track your movements (yes, your phone knows when you enter your favorite coffee shop). This can be useful when you want to get directions or find nearby services, but also harmful because it can expose your location to malicious actors. Best practice is to turn off location services on apps and devices when you don’t need them.
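The link check described under Practice Safe Online Behavior can be written down as a short program. This is an added example, not part of the original article: the function name check_link, the placeholder domain mybank.example and the sample links are all constructed for illustration. It shows why "https" alone is not enough and the host name has to match the site you expect.

```python
from urllib.parse import urlsplit

def check_link(url, expected_domain):
    """Return a list of warnings for a link that claims to be expected_domain."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return ["link cannot be parsed"]
    expected = expected_domain.lower().rstrip(".")
    warnings = []
    # https only says the connection is encrypted, so it is one check of several.
    if parts.scheme != "https":
        warnings.append("not https")
    # Anything before '@' is login data, not the site name.
    if parts.username is not None:
        warnings.append("text before @ is not the site")
    # Internationalized names can be made to look like another domain.
    labels = host.split(".")
    if not host.isascii() or any(label.startswith("xn--") for label in labels):
        warnings.append("internationalized host name")
    # The host must be the expected domain itself or a subdomain of it.
    if host != expected and not host.endswith("." + expected):
        warnings.append("host is not " + expected)
    return warnings

# Constructed sample links; mybank.example and the .test names are placeholders.
SAMPLES = [
    "https://www.mybank.example/login",
    "http://www.mybank.example/login",
    "https://mybank.example.verify-account.test/login",
    "https://mybank.example@login.test/",
    "https://xn--mybnk-3ve.example/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link, "mybank.example") or "no warnings")
```

The third sample would show a padlock in the browser and still gets a warning, because the name that counts is the end of the host, not the familiar text at its start.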
MAINTAINING DIGITAL SECURITY AT WORK
Develop Strong IT Policies. Write clear policies outlining acceptable use, data protection, and incident response procedures. Have employees review and sign these policies.
Establish Strong Network Group Policies. Use strong group policies to enforce security settings across the organization.
Implement Access Controls. Limit who has access to sensitive data and systems.
Secure Mobile Devices. Use a mobile device management (MDM) solution (such as ManageEngine Mobile Device Manager Plus, IBM Security MaaS360 with Watson, or Cisco Meraki Systems Manager) to secure connections when accessing work data remotely. These top solutions offer robust security features and are widely used by organizations to manage and protect their mobile devices.
Monitor for Threats. Invest in cybersecurity tools, such as a quality SIEM (security information and event management), that provides real-time monitoring and alerts for unusual activity.
Back Up Your Data Regularly. Use external resources (cloud environments, synchronization, encrypted media) to create copies of important files regularly. Periodically check that you can successfully restore data from backups. Several years ago, a friend of mine called me in a panic because she couldn’t access her files (years of family pics and personal data). After investigating her network and situation, we discovered it was a ransomware attack. Thankfully, her ongoing workable backups saved the day, allowing her to restore her data without paying a ransom.
Generally speaking, whether at home or at work, the simplest methods are a great way to start safeguarding your data and personal information. Begin by strengthening your passwords. Use a mix of uppercase and lowercase letters, numbers, and symbols. Avoid common words or easily guessable information like birthdays. Use a passphrase, such as WinterSnowflakeFalls2023. Add an extra layer of security by requiring additional verification steps (like a text message code) beyond just your password. And consider using a password manager to generate and securely store complex passwords. This reduces the risk of reusing passwords across multiple sites. I highly recommend 1Password.
If you’re more tech-savvy or can get some digital security assistance, purchase data encryption tools to protect sensitive information on your devices. This is especially important for laptops and mobile devices that are more susceptible to theft.
Most of all, keep up with the latest cybersecurity threats and best practices through reputable sources like cybersecurity blogs or news websites.
Discuss the importance of protecting personal and corporate data with your employees, co-workers and family members.
LOOKING AHEAD
The digital world isn’t slowing down, and neither are the threats. Cybersecurity is an ongoing process, not a one-time fix. Whether it’s upgrading your home network or rolling out a company-wide training program, every step counts.
Stay safe, stay smart, and remember — cybersecurity starts with you!
Russ Munisteri is a Holly Springs resident and an expert in cybersecurity awareness training. He runs urcybersecurity.com and can be contacted for more information. With over a decade of experience as a Certified Information Systems Security Professional (CISSP) and Information Technology Educator, Russ is dedicated to helping people stay safe online.