What does Good Cyber Hygiene Really Mean?
Maybe you have heard this phrase thrown around lately in the news as more and more breaches are coming to light. Maybe your company has warned you to practice good cyber hygiene at work and while working from home. Maybe every time you hear the phrase you assume you know what it means but still aren’t taking action towards making it a reality.
First of all, like brushing our teeth or taking a shower, hygiene is made up of three parts: using the correct products and tools that fit your needs, performing tasks effectively, and establishing a routine.
But what is cyber hygiene and how does it relate to your computer and computer habits? Cyber hygiene refers to the practices and steps that you should take to maintain system health and improve online security, which in turn keeps your data safe and well-protected. Establishing good cyber hygiene routines helps protect your system and data from outside attacks.
But why should you take the time to establish and routinely perform cyber hygiene practices? Two reasons: maintenance and security. Maintenance is why we go to the doctors for a yearly checkup. Routine maintenance allows us to spot issues early enough to fix them, and prevent serious issues from evolving. Maintained systems are thus heathier and less vulnerable to cybersecurity threats. Security is the other crucial piece of a cyber routine. While hackers are becoming more and more skilled at infiltrating your systems and data, preparing for and preventing these attacks becomes feasible when the proper security practices are in place.
Common cyber hygiene problems that can lead to a breach
Internet of Things (IoT)
With so many devices being connected to the internet and transferring all types of data, it is not surprising security teams find keeping up with the accurate extent of their networks challenging.
Use of Cloud Services
Cloud computing has transformed the way companies and individuals store and share their data. While it has come with its set of advantages, we cannot overlook the new security threat challenges it also has introduced into our daily lives with so much data going into the cloud.
Employee Cyber Education
Employees are an organization’s greatest resource…yet humans remain the weakest link when it comes to cyber-attacks. Phishing email attacks remain one of the most successful ways hackers target and gain entry into a system. As these emails get more advanced, it becomes increasingly difficult for employees, even those trained in IT, to discern between safe and malicious emails, links, and attachments. No matter a company’s size, investing in some sort of employee education is essential in increasing individual and company-wide cyber resiliency
No matter how many times we hear it, we still are using predictable, weak passwords. Conversely, when we use complex passwords either at home or professionally, another problem is introduced- where do we store it. What happens when we create really effective difficult to crack passwords? We forget them. So how do we remember them? We write them down. Whether we store them in a Word doc or on a post it note next to our desk, unsafe locations make us more vulnerable to an attack.
Outdated security software – even software that has gone a few months without an update – can’t protect you against the latest threats. Antivirus software and other security software must be updated continuously to keep pace with the ever-changing threat landscape.
Organizations must begin by focusing on the critical assets to be protected by a cyber hygiene program. To do this effectively the organization must look at reducing risk by conducting hygiene that identifies, prioritizes, and responds to risk.
The first step in doing this of course is knowing what assets you actually have. Organizations should be able to identify its systems, services, products, vendors, etc. They must conduct accurate analysis and feel comfortable with the risks associated with their various assets.
While it is unrealistic to try to eliminate all risk, determining the biggest, most likely risks, focuses effort and improves efficiency. Cyber Innovative Technologies offers organizations of all sizes cyber risk management solutions through the digital asset approach, effectively allowing companies to see the whole picture of their organization and where their risk lies, in order to prioritize budget and remediation appropriately.
Whether you work at home for yourself or are the CISO of a large multinational, cyber hygiene is a must in order to protect your data, your clients, your company, and your reputation.