Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Cybersecurity is Everywhere

For as long as there have been computers and networks there have been security issues to go along with them. As technology evolves, attackers develop new exploits and techniques and the threat landscape shifts. Companies and IT departments have to continuously adjust and adapt to guard against infections and compromise—and there is a lot that we as individuals can learn from our employers to do a better job of protecting our own devices and data.

So, in honor of National Cybersecurity Awareness Month in the US, this October we are sharing insights about security issues that affect our everyday lives. To kick off the series, here are three key points about the corporate approach to cybersecurity that you can apply to your own devices.

1. No target is too small

Many individuals make the mistake of assuming they don’t need to be concerned about security because they’re not targets. They think they don’t have any important data, or that they don’t have enough money for any would-be attacker to bother.

While there are certainly some targets with the potential for a lucrative payday, that isn’t necessarily the goal of most attacks. In fact, most attacks circulating on the Internet are automated—or bots—that simply seek out vulnerable connections to exploit. The bot doesn’t know who you are, or what you’re worth, and it doesn’t care.

Any compromised system has some value. The attacker may be able to skim enough information from hacking your PC or mobile device to steal your identity, or capture your credentials for things like bank and credit card accounts or social media. If nothing else, a successful compromise can enable the attacker to use your PC or device as part of a botnet to launch denial-of-service attacks, distribute spam, or wage further attacks against other systems.

You’re not too small or insignificant to be a target

The bottom line is that you’re not too small or insignificant to be a target, and you owe it to yourself—and everyone else you’re sharing the Internet with—to try and prevent yourself from being hacked.

2. Become a moving target

Everyone knows they’re supposed to use different passwords for different applications, sites, and services—and that those passwords should be changed relatively frequently. Companies implement and enforce password change policies to force users to follow this standard security practice.

We know that most people don’t actually do this for their personal accounts, though. How do we know? Well, for one thing, every time there is a major data breach, we learn that the most used passwords are still things like “123456” or “password” no matter how many years security experts have begged people to stop using those. We also find that when attackers successfully breach a site like LinkedIn or Yahoo, there is an associated increase in compromise of other sites and services because once the hackers have your username and password for one site there’s a good chance they can get into the rest of your accounts as well.

You can almost assume that your credentials will be compromised at some point

You should do your best to use different usernames and passwords across different sites and services. More importantly, though, you should periodically change your passwords. It makes you a moving target. You can almost assume that your credentials will be compromised at some point, but hopefully by the time attackers crack your password you’ve already changed it so you’re still safe.

3. Don’t let your guard down

Corporate cybersecurity relies on a combination of being both comprehensive and persistent. You can’t be secure by protecting only some of your devices and data, nor can you be secure if you only protect yourself some of the time.

You should have anti-malware or security software of some sort on your PCs and mobile devices. Security software won’t catch everything, though, so it’s also important that you remain vigilant and apply common sense. Don’t click on links or open attachments from unknown sources, or from known sources if the circumstances seem questionable. A little dose of skepticism goes a long way when it comes to avoiding attacks and exploits.

Remain vigilant and apply common sense

One more bonus tip. Back up your data. Ransomware is an insidious and growing threat. If you’re hit with ransomware, the attack will encrypt all of your data and the only way you’ll be able to regain access to it is if you pay the ransom demand...or restore your data from a recent backup. If you have copies of your data backed up on external drives or stored in the cloud somewhere, you won’t need to pay the ransom. You can just restore your unencrypted data from your backup and go on as if nothing happened.

Corporations have regulations to abide by, and generally more to protect than your average individual. They also tend to have teams of IT and security professionals to manage it all. Even though you’re not a corporation and you may not be an IT professional, you can still employ these basic principles to be more secure and protect your own devices and data.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.