October is National Cyber Security Awareness Month

 

October is not just the month for getting into the Halloween spirit. It’s also National Cyber Security Awareness month, which is sponsored by the Department of Homeland Security and the National Cyber Security Alliance (NCSA). This campaign was created in 2004 to raise the awareness of the role cybersecurity plays in everyone’s lives. Since the emergence of major cybersecurity events this year, such as the WannaCry ransomware attacks and the Equifax breach, there’s now an even greater urgency to adopt safer cybersecurity practices.

 

One of the themes for this month is called “Simple Steps to Online Safety.” The theme encourages people to take simple actions to protect themselves online and to recover in case a cyber event occurs. StaySafeOnline, a NCSA website, provides online safety basics on these topics:

Spam and phishing: Cybercriminals will use sophisticated methods to manipulate people into clicking on a malicious link, disclosing personal information, or sending them money. The email will instruct you to take action quickly because your account has been compromised or there is an urgent matter to address. Follow up with the company using the contact information on their website, not the email. Also, make sure to enable filters on your email accounts, hide emails from social media profiles, and report spam.

Online shopping: With the rise of e-commerce websites, cyber thieves can use shady websites to trick online shoppers into handing over their credit card information or paying for goods they won’t receive. If you’re considering buying items from an unfamiliar website, make sure to read the reviews of previous customers beforehand. Also, the website should display an https:// address to show it will protect information the visitor submits, such as credit card numbers.

Data backups: Data can be lost due to equipment failures, theft, malware, human error, and natural disasters. Make sure to keep backups at a data center and to the cloud. Also, the backups should have file versioning, which means multiple backups are collected at different time intervals.

Malware, botnets, and ransomware: Cybercriminals can spread malicious software that can steal, corrupt, and destroy valuable data. Plus, the device can be included in their bot network to infect other victims. Make sure to scan your devices with anti-virus software on a regular basis. Also, keep your operating system, device application, and web browsing software up to date.

 

Another theme for this month is “Cybersecurity in the Workplace is Everyone’s Business.” This theme urges organizations to create a culture of cybersecurity and for each employee to take a role in preventing cyber-attacks. The National Institute of Standards and Technology (NIST) provided a cybersecurity framework you and SwiftTech can refer to when improving your business’ cybersecurity practices:

Identify: Determine your company’s most valuable assets, such as customer records, employee tax information, and credit card information. NIST recommends keeping an inventory of your data and technology assets. Also, make sure to keep track of the employees who have access to each of those assets.

Protect: Set up safeguards to prevent and protect your assets against cyber threats. Basic protection involves scanning devices with anti-virus software regularly, keeping device software updated, and limiting access to network drives to those who need it. NIST also recommends not reusing passwords on accounts, using a VPN on a public Wi-Fi hotspot, implementing two-factor authentication for online accounts (when possible), and participating in periodic cybersecurity training.

Detect: Monitor IT systems continuously and alert of any cybersecurity events. SwiftTech uses advanced software that monitors your network around the clock for any threats. However, NIST recommends that each employee should be able to spot suspicious activities (e.g., phishing, ransomware, and scams) and then report them. In addition to the tips mentioned in the “Simple Steps to Online Safety” section, make sure to inspect links closely on emails and texts before clicking. Also, don't open unexpected attachments, especially from contacts you don't know.

Respond: Take action in response to detected cybersecurity events. In case this happens, SwiftTech will work diligently to resolve problems that result from the event, such as restoring network operations, recovering lost data, or finding replacements for damaged equipment. However, your organization should have a business continuity plan in place for continuing operations during a disaster, alerting customers and third parties of the event, and reporting to industry regulating agencies.

Recover: Resume normal workplace operations promptly after a cybersecurity attack. Determine the cause of the security breach, implement fixes across the entire organization, and then update your IT policies. For example, if someone was attacked by ransomware because they were using an outdated Windows operating system, such as Vista, you would need to update that person’s system, and then ensure all company devices are kept up to date going forward. Also, if an unsuspecting employee pays a fraudulent invoice, you contact the bank to stop the charges and educate your staff regularly on phishing scams.

 

SwiftTech Solutions wants to make sure your business stays protected. If you have any questions about your company’s security, feel free to contact us by calling 877-794-3811 or emailing This email address is being protected from spambots. You need JavaScript enabled to view it..

 

In addition, our subscription-based cloud service, called Security as a Service, provides added protection against security breaches. The service includes:
• Ransomware Protection
• Email Security
• Web Security
• Enterprise Anti-Virus & Anti-Malware Protection
• Intrusion Prevention, Detection, & Management
• Security Monitoring

 

If you're interested in subscribing to our Security as a Service, please contact SwiftTech Solutions at 877-794-3811.

 

Contact us at 877-794-3811 or [email protected] for Professional IT Support

get in touch