October is National Cybersecurity Month— How Safe Are You?
- Loann West
- Oct 14
- 4 min read
It’s so easy: you’re busy, you’ve been running through your emails all morning, you see one from your security service, your web host, your bank. “URGENT ACTION REQUIRED! Click the link to update your account!” it screams. You click the link without thinking. It takes you to a sign-in page where you enter your information, and boom—you’ve been a victim of cybercrime. Visiting fake websites, and downloading attachments from unknown and unverified senders puts you at risk of viruses and malware. Once downloaded, a keystroke logger program will record every password you enter and every piece of secure information you type. Malware can even lock you out of your computer or copy your hard drive to a distant server.
Review these simple steps to protect yourself and your business.
NO ONE IS IMMUNE. Cybersecurity professionals have been caught by advanced phishing schemes. Companies with billions in assets are routinely hacked or have their data taken ransom. Hackers and criminals are using more and more sophisticated methods to trick people at all levels.
EVERYONE IS VULNERABLE. As a small-business owner, you are especially at risk, as you aren’t in a financial position to write off any losses, and you probably don’t have the elaborate firewalls and monitoring systems of bigger businesses.
There ARE some simple steps to take to reduce your chances of becoming a victim in addition to whatever cybersecurity you already have in place.
Make sure that you train your employees to be on the lookout. All big businesses require security training for new hires on the first day. Institute the same policy in your company for ALL employees, not just those who work with sensitive information.
Use a reputable, well-rated antivirus program on ALL devices. People forget that their phones and tablets are vulnerable to attack as well.
Create strong passwords. It is recommended that you use a unique password for every site, program, or app that requires login.
Sixteen characters long
A combination of uppercase, lowercase, numbers, and symbols
No common words or personal information or sequential characters
Nine876 is not a good password
October10102022 (Granddaughter’s birthday) is not a good password
IHATEPASSWORDS is not a good password
Password24 is not a good password
Many people use a password manager to create unique, complex passwords that are stored in an encrypted file on the hard drive. It is also recommended that you use two-factor authorization and use Microsoft or another Authenticator where possible.
If you prefer to have your passwords in your head, many companies are recommending using a passphrase of 16 to 24 characters with character substitutions such as T@k3M3Out2th3b@11g@m3. Do you recognize it? “Take me out to the ballgame.” It’s easy to remember but long and complicated to the computer, and unless you announce that that’s your favorite song to everyone you meet, a hacker isn’t likely to try anything like it if they are trying to break it using brute force. For a shorter password, you can take the first letters of each syllable: Tmo2tbg! Remember, there is almost no maximum number of characters in a password.
Change your passwords at least once every three months. This should be company policy
Recognize the signs of phishing.
Look at the email of the sender carefully. Does it have a legitimate domain, or is it a string of numbers and letters or a compound name like “ugent.yourbank.com” Scroll over the link to see the URL. Look for misspellings, awkward phrasing, poor graphics, or any other signs that it is counterfeit. Instead of clicking the link, go to the official site and log in with your credentials. You can also call to confirm.
NEVER download an attachment if you aren’t sure of its authenticity.
Be careful what you share on social media.
Social media can be useful and a lot of fun, but most people underestimate how much of their
privacy they’re giving away. Cybercriminals use all of that information to steal identities and hack people’s accounts. Keep your profiles private and make sure that you have taken advantage of all of the security and opt-outs that the sites offer.
Your eagerness to sell your business may make you more susceptible cybercriminals impersonating prospective buyers. In addition, a company’s cybersecurity protections are rapidly becoming a part of a buyer’s due diligence and company value.
If you are a victim of cybercrime, contact the FBI immediately. Contact all your financial institutions and instigate identity fraud protections. Notify all of your contacts that you may have been compromised so that they can protect themselves and know to not respond to suspicious emails from you. Change all of your passwords even if you think that they aren’t affected.
It's a scary world out there, but living offline, particularly for a business, is impossible. Just like in life, take precautions, be prepared, and know what to do when the worst happens.
Report cybercrime, and monitor scams and attacks:
Comments