October is Cybersecurity Awareness Month
2023 marks the 20th annual Cybersecurity Awareness month when the Cybersecurity and Infrastructure Security Agency (CISA) provides information and materials critical to keeping our data, our resources, and our privacy safe. We eagerly join in this effort to educate our employees and our customers and provide tools to mitigate the risk of loss due to a cyber incident.
This year’s theme is “Secure Our World” and it encourages individuals and organizations to take four simple steps to stay safe online:
As an individual, family member, and/or employer, you have the power to enforce this practice. Creating and storing strong passwords with the help of a password manager is one of the easiest ways to protect ourselves from someone logging into our account and stealing sensitive information, data, money or even our identities.
- Make them long – at least 16 characters.
- Make them random – no personal info.
- Make them unique – each one is different.
At Tonry, we encourage the use of LastPass to store passwords but there are multiple password managers to choose from. Research, ask, and choose the password manager that works for you.
Step Two: Turn on multifactor authentication.
The availability of multifactor authentication (MFA) is growing rapidly. When it’s available, use it! We all have our phones handy these days. It can be as simple as sending a random code by text to your phone to enable logging into a website.
Step Three: Recognize and report phishing.
The phishing perpetrators are getting smarter! The grammar is better. The spelling is better. It’s easy to be fooled. Don’t take the bait!
- Recognize. Look for these common signs:
- Urgent or emotionally appealing language, especially messages that claim dire consequences for not responding immediately.
- Requests to send personal and financial information.
- Untrusted shortened URLs
- Incorrect email addresses or links, like amazan.com
- Resist. Don’t click on the links (including any “unsubscribe” link. Don’t reply to the emails. Don’t give out personal information. If you are unsure, pick up the phone and call the sender to verify the email using a known phone number (not the number in the email). Be suspicious.
- Report and delete. Use your Junk mail settings to filter out unwanted email and to flag phishing emails as junk. Most importantly, delete these emails.
Step Four: Update your software regularly.
Watch for notifications. Install updates as soon as possible. Turn on automatic updates. Software is continuously updated to protect against new threats. Don’t procrastinate.
What else can I do to protect my business from loss due to a cyber incident?
Consider purchasing a Cyber Insurance Policy. The process of applying often involves a “self-assessment” to determine areas where your security or practices are weak. Identifying and improving these areas will reduce the likelihood of an incident.
Then, review the options for insurance. Tonry can provide multiple quotes for varying levels of insurance from different cyber insurers. We will help you understand the terminology, identify your exposures, and provide options.
If you are interested in securing quotes, please contact us!
To download a PDF version of this blog, please click here: