The Evolution of Cybersecurity: An Individual Approach to Cybersecurity

The theme for the 2019 National Cybersecurity Awareness Month (NCSAM) is: Own IT. Secure IT. Protect IT. This month, the Cyber and Infrastructure Security Agency (CISA) is focusing on educating individuals to #BeCyberSmart. With this in mind, Hagerty’s second post on the Evolution of Cybersecurity considers lessons and actions that individuals can take in their own lives to improve their cyber readiness and better prepare for potential cyber threats.

Because the world is so interconnected, anyone with access to a computer or a phone is at risk of experiencing a cyber threat. It is important that everyone understands their digital profile and footprint in order to take action against perceived threats. The 2019 NCSAM Toolkit is a guide individuals can use to better own, secure, and protect themselves on and offline. Developed from the 2019 NCSAM Toolkit, the National Cyber Security Alliance encourages everyone to implement the following behavioral changes to increase their cybersecurity:

Own IT.

• Never Click and Tell – Limit the amount of information you share on social media, including your personal address, birthday, current and past locations, travel plans, and account numbers.
• Update Privacy Settings – Routinely check and update your privacy settings. Disable your location settings; cybercriminals do not need to know where you frequently buy your groceries.
• Keep Tabs on Your Apps – Check mobile application permissions and limit their privileges, including location services. This safeguards your device so that applications cannot gather your personal information without your consent.

Secure IT.

• Shake Up Your Passphrase Protocol – Be creative with your passwords and consider making them as long as possible. You should also consider having different, intricate passwords for each of your accounts.
• Double Your Login Protection – Enable multi-factor authentication (sometimes called 2-step verification) to strengthen security measures and ensure that you are the only person who can access your accounts.
• Shop Safely Online – Only use secure websites when sharing personal account information. Make certain that website URLs begin with “ https:// “ when sharing sensitive information with retailers or banks.
• Play Hard To Get With Strangers – Do not respond to emails unless you know where they are from, and consider using “junk” or “block” options to stop receiving messages from senders you do not know.

Protect IT.

• If You Connect, You Must Protect – Make sure your security and anti-virus software, web browsers, and operating systems are up-to-date on any devices that are internet accessible.
• Stay Protected While Connected – Avoid using websites and applications with sensitive information when you are not using a secure Internet connection. Your personal hotspot is safer than open, free Wi-Fi.
• If You Collect It, Protect It – Do not share personal identifiable information (PII) across websites that are not secured.

RANSOMWARE ATTACKS IN THE UNITED STATES

There has been a significant increase in conversation about ransomware incidents (e.g., Cryptolocker, CrySiS, Bad Rabbit), because in 2018 enterprises experienced an upsurge in highly damaging targeted ransomware attacks across the United States. Enterprises typically use email as a primary form of communication; therefore, they have become more susceptible to email-based ransomware attacks.

While many threat actors target businesses, individuals can also experience this type of attack as well. According to the Symantec 2019 Internet Security Threat Report (ISTR), the United States was the top country for mobile ransomware infections, accounting for 63 percent of all infections.

Ransomware begins to spread shortly after penetrating a system. The greater the degree to which the ransomware spreads throughout the system being attacked, the greater the impact to the business or an individual. Because data is often lost or compromised as the result of a ransomware incident, individuals are encouraged to use an external hard drive to back up important documents, especially medical and financial documents.

ADDITIONAL RESOURCES

To learn more about how to protect yourself online, visit the Department of Homeland Security’s website on NSCAM 2019 or check out the Stop. Think. Connect. Toolkit.

Hagerty is prepared to help your organization leverage the National Critical Functions and Community Lifelines to enhance your organization’s operational capacity. Using our innovative Cyber Nexus Approach, Hagerty leverages subject matter expertise and experience planning with states across the country to bring diverse stakeholders together and build organized, effective cyber operations. To learn more about our cybersecurity services, contact development@hagertyconsulting.com.