In the New Year, Don’t Fall Back Into the Same Bad Cybersecurity Habits

In the New Year, Don’t Fall Back Into the Same Bad Cybersecurity Habits
Author: Amy Diestler, CISA, Governance, Risk, and Compliance Analyst
Date Published: 7 January 2020

Around this time each year, many people aim to follow through on their New Year’s resolutions with the hope of finally being able to break that bad habit, which can prove trickier than we would like. Unfortunately, the same often holds true in our approach to cybersecurity. Despite repetitive cybersecurity reminders, time and time again, we fall back into old habits. However, the new year seems like the perfect time to try to convince you that those bad cybersecurity habits might not be so hard to break after all. Below are several patterns to break that can make a big difference.

Using Weak Passwords
123456, iloveyou and qwerty continued to be used as passwords in 2019 and, no surprise here, they continued to show up in data breaches. Consider using a password manager to make it easier to remember those really long, complex passwords you are going to be coming up with as part of your resolution. In addition, start enabling two-factor authentication as much as possible – yes, even for that random app you decided to try “just once.” If you already do this personally, encourage your company to start implementing new policies or revamping those old policies to match updated password recommendations.

Insufficient Vigilance with Phishing Emails
Fake attachments were on the rise in 2019 due to email filters only scanning the body of an email for phishing links, while social media networks and Office 365 became larger targets for phishing emails because of the amount and value of the information contained within them. To start off 2020, promote awareness of phishing email red flags with a fun graphic or create a regular test schedule for email phishing campaigns. For your personal benefit, take a free phishing IQ test to make sure you stay on top of your game.

Accessing Free or Public Wi-Fi
We continue to use free and public Wi-Fi because, well, it’s convenient. We use it on our phones to check social media, and employees continue to use it on their laptops to access work on the go. One of these next tips might just be the easiest New Year’s Resolution you’ve ever made: turn off AirDrop and file sharing, log out of sites when you leave them, and change your device settings to not automatically connect to available Wi-Fi networks. For those that may need to access confidential information, make sure you use VPN and install updates for apps and the operating system as soon as possible.

The best thing you can do to ring in 2020 is to continue educating your company and the people around you about cybersecurity best practices. Human error continues to be the biggest weakness in cybersecurity, but you never know when a New Year’s resolution might actually stick.