3 MINDSET SHIFTS TO IMPROVE YOUR CYBERSECURITY

I’m sure it’s not surprising that cybersecurity isn’t a destination, but a process of continuous improvement that’s always evolving.

If cybersecurity is constantly evolving, then how could we possibly learn how to keep ourselves cyber secure?

By shifting our mindset.

Shifting away from looking at cybersecurity as a task to be completed, or a problem to be solved and towards a continuous process of analyzing whatever situation we find ourselves in along the way and making the best cybersecurity choices.

Does that seem crazy?

Mindset shifts to improve your cybersecurity? Doesn’t make much sense, right?

Think about your personal safety in the real world. Do you put a lock on your front door and call yourself safe? Or do you analyze if its safe to cross the street, make that left turn in your car, or jump off that cliff into the lake below?

Some of this analyzing might be second nature or subconscious, sure. But you’re still analyzing each situation and making a call based on the safety risks you find.

The goal is to begin doing the same for cybersecurity and shift our mindset to thinking this way.

There are three mind shifts we need to make. What exactly are they? Lets look at them below:

 

Mind Shift #1: Stop thinking of cybersecurity as tools and methods

Most of the traditional cybersecurity advice includes what tools and methods you should be employing right now. Tools such as Antivirus or Multi-Factor Authentication and methods such as how to identify phishing emails are all important.

While these are good right now, at the end of the day they’re all solutions designed to reduce certain cyber risks. They’ll also change as technology or your situation changes.

How do you know how many tools and methods you need, and which ones are applicable to your situation? How do you know how much security is acceptable?

The first mind shift is to understand that cybersecurity tools and methods are solutions to reduce certain risks, such as flu shots are solutions to reduce your chances of getting the flu, or seat belts are a solution to reduce your chances of getting seriously hurt in a car accident.

 

Mind Shift #2: Start thinking of cybersecurity the same way we think of safety

You wouldn’t leave your home with the front door unlocked, leave your tax returns or personal documents in a public place or cross the street without looking to ensure its safe to do so. So why would you do that on the Internet?

Just as we evaluate each situation we find ourselves in to ensure we’re safe in the real world, we need to shift our perception of cybersecurity from the idea that we can’t “see” the risks, so we don’t need to worry about them to the idea that even though we can’t “see” any cyber risks, there are still some there and we need to be able to identify them for ourselves.

 

Mind Shift #3: Not everyone has the same risk or cybersecurity needs

While everyone has the potential to be a victim of cybercrime, the more we share, communicate and integrate our lives and businesses with the internet the more we open up ourselves to the risk of being caught up in cybercrime.

While for most of us the risk is manageable, there are many factors which can increase your risk level and make you a more appealing target to cybercriminals. Some of those factors include:

      • Wealth
      • Business Status
      • Publicity, Fame or large social media followings
      • Frequent travel
      • Internet-connected  Technologies or Internet of Things (IoT)
      • Business or domestic employees

The traditional cybersecurity advice intends to cast the widest net as possible and secure the most people possible. The goal of the third mind shift is for you to understand what your personal situation is, and what in your life might be exposing you to cybersecurity risk. Then you can employ the tools and to reduce the risk most applicable to you.

Of course, the list above isn’t exhaustive. It’s meant to get you thinking and considering all aspects of what could impact your cybersecurity, both online and offline.

So, how can we shift our mindset? Stay tuned for our next post!

Interested In More?

Join our newsletter to learn more and get regular updates! Did we mention it's free?
CLICK HERE TO SIGN UP!

Don’t Let Your Connected Devices Ruin Your Holidays

Ah, December.

It’s the time of year when we go out and buy our friends, family and even ourselves (You know you’ve done it!!) brand new computers, phones, and *insert gizmo here*.

Connected devices, wearables, drones, and so many other tech gadgets are all making the holidays much more fun.

However if not configured or set up correctly, these devices could put your personal security and privacy at risk.  They could even expose important personal and financial information.

Default credentials

Many of these devices are shipped with default usernames and passwords. This means that the default username and password combination is well-known by the manufacturer, and support people. It may even be written in documentation posted on the Internet.

Yikes. Because of this, it is important to change the default password and even the username, if you can.

If the device will allow you to use a passphrase, then even better! This will prevent anyone from being able to access your device if someone gets on your home network, or if it accidentally gets connected right to the internet.

If your device also connects to the cloud or an online component (i.e. you log into the manufacturers’ website to use it) its a good idea to change this password as well!

Default configurations

Normally the default configurations these devices are shipped in, are ready for you to use immediately. This means that any barrier to the shortest setup-and-go has been turned off.

Often most security features may be turned off, or be optional. It’s a good idea to acquaint yourself with all the features of your new device – security and otherwise. Acquainting yourself will help in understanding what the implications to your personal security and privacy are when each one is turned on and off. Then make the decision on which ones to turn on.

Some devices will also include administration portals or some advanced network administration tools. If you don’t have any intent to use these, turn them off. This will ensure an attacker can’t use them.

Connected directly to the Internet

Most connected devices out there aren’t mean to be connected directly to the Internet.

It’s easy to assume that when you plug the cable into your Internet router or connect the device to your home WiFi that it is only accessible to your home network.

Have you ever actually checked?

It’s important to understand what the internet needs are for your device and make sure that your router and network is configured properly. Any extra port forwarding or other settings are removed if not required.

If your device is accidentally left accessible on the Internet it could be easily accessed or hacked. This could expose important personal and financial information, be used as a gateway to access or hack other devices or computers in your home, or be used as a staging ground to hack others.

Two things that can also be overlooked here. First, ensure you’re using a strong passphrase or password on your wireless network. A weak one will only put your connected devices (and everything else on your network) at risk.

Second, do not put your devices on a guest or public WiFi network. Where devices are concerned, these networks can be just as bad as the internet.

Cloud connectivity

Devices now often include some type of cloud connection capabilities within them. This capability could be for extra features, or at times is required to use the device.

When you have a device that includes cloud connectivity, it’s important to understand what information is being sent to the cloud. This is to ensure you know what it’s being used for and how it’s being protected.

If your device is collecting personal, location or other sensitive information and it isn’t protected well, there is a risk it could be lost in a breach.

Start by reading any manuals that came with the device, the manufacturer’s website and Terms of Service and Privacy Policy documents, to start.

Ensure other computers and phones are secure

Do you connect to your device via an app on your phone, or from your computer?

If an attacker can compromise your other computers, they can take advantage of them to then attack your connected devices.

Update your connected devices

Check if the manufacturer of your device releases software or firmware updates. If they do, update the software and firmware as often as possible.

Software and firmware are only as good as the humans who create them. It’s easy for humans to accidentally introduce errors and security holes while writing software. Because of this, when manufacturers find these errors, they normally create an update to fix the issue. Updating the software allows you to get these fixes and plug any holes that an attacker could use.

It also will ensure you have the latest set of security features. Sometimes additional features can be released after you’ve purchased the device.

Wrapping it up

Connected devices are becoming much more popular. Not only are they fun, but they can make life much easier. However, they need to be used smartly. If they also collect personal or sensitive information or are left unsecured, they could be putting your online security and privacy at risk.

Photo by Alex Knight on Unsplash

Interested In More?

Join our newsletter to learn more and get regular updates! Did we mention it's free?
CLICK HERE TO SIGN UP!