When cyber safety is ingrained into our culture, the extra effort needed becomes natural and intuitive.
Cyber hygiene starts at the personal level and funnels up to the organizational level. In 2022, as the COVID-19 pandemic continues to change how people work and play online, it is time for a refresher in cyber hygiene.
Web-borne threats, also known as online threats, are a category of cybersecurity risks that may cause an undesirable event or action via the internet, which usually expose people and computer systems to harm. A broad scope of dangers fit into this category, including well-known threats such as phishing and computer viruses.
The most common methods used by cybercriminals to penetrate systems include exploiting vulnerabilities in browsers and their plugins (drive-by download), and social engineering. Infections via drive-by downloads take place when visiting an infected website without any intervention from the user and without their knowledge, and is used in majority of attacks.
On the other hand, social engineering attacks require user participation, where a user has to provide access to one’s devices.
For organizations embracing any form of hybrid/remote work arrangements, Kaspersky experts have the following tips to help employers and businesses continue to stay on top of any potential IT security issues and remain productive:
- Cybersecurity should be a ‘living’ and dynamic strategy, not a static platform. With this mindset,people and organizations willnaturally blend technology and effort, making sure cybersecurity is constantly upgraded, updated and improved.
- Implement proven protection software, on all endpoints. Small and medium-sized enterprises can use a combination of affordable but effective software solutions to boost their defences against complex threats holistically.
- Consider a threat intelligence platform. Harnessing a specialized intelligence community will provide organizations with pre-emptive insights to act on, and make informed decisions on what needs to be done to keep the potential harm at bay; refine existing security processes to better defend against known threats and to continually plug any gap in the IT infrastructure.
- Audit supply chain cybersecurity. Breaches to third-party security systems belong to vendors and supply chain stakeholders have spectacularly played out in 2021. No organization is immune to these security threats, and it is important that we heighten our vigilance when it comes to other organizations’ cybersecurity. Take responsibility for your own organization’s cybersecurity posture in a way that renders it safe from the supply chain, but impose mutual, binding expectations of high cybersecurity standards.
For everyone else, here are the top security tips:
- Follow the rules of cyber hygiene: use strong passwords for all accounts, do not open suspicious links from emails and social media platform messages, never install software from third-party markets, be alert and use a reliable security solution.
- Employ common sense before handing over sensitive information. Do not readily share private or confidential data online. When you get an alert from your bank or other major institution, never activate the link in the email. Instead, visit the actual institution’s website and navigate to the section containing the alert and follow-up links.
- Never click on unverified links or open suspicious email attachments: Avoid clicking on links in spam messages or on unknown websites. If you click on malicious links, an automatic download could be started, which could lead to your device getting infected. Ransomware can also find its way to your device through email attachments. Avoid opening any dubious-looking attachments.
- Use established, constantly updated anti-malware apps. These solutions, whether free or sold on subscription, can protect against malicious apps, detect suspicious background behavior in the device, as well as remind you of any risks and threats in the activities performed on the device.
Finally, stay in-the-know by subscribing to CybersecAsia.net and DigiconAsia.net content and other specialist websites, and share your knowledge with everyone you know!