We may not realize it, but our daily routine habits have long-term effects. Some of them are positive, others could be negative, but there is always at least one lesson to be learned. If you choose to eat healthy regularly, this habit will surely impact your lifestyle for years to come. If you read only a few pages of one book every day, you’ll see the world from different angles, enrich your vocabulary, and better understand people and the world we live in.
This applies to cybersecurity (decisions) as well. And let’s say that “within every decision, comes great responsibility.” The daily habits we follow in the digital landscape can greatly impact our future. If you are like me, you probably want to know that all your valuable digital assets, such as photos, work-related documents and files, apps, and emails, are in a safe and secure place.
I really hope you don’t have the widespread “It can’t happen to me” mindset and assume you can’t become a victim. It is wrong to think that. Cybercriminals don’t target only large organizations or institutions; everyone is exposed and can be vulnerable to all kinds of cyber attacks. We should take precautions to better secure our online identity.
With wise security choices come no regrets.
Did you know a recent report found that cyber attacks are in the top three risks for society, along with natural disasters and extreme weather?
You shouldn’t be surprised! The digital landscape doesn’t provide safety as we’d want it, or as we think it should (the “security by default” mentality). There are online threats with every click we make, and we need to think about our online behavior seriously. It is essential to adjust our habits so that we can become our own layer of protection.
Don’t expose yourself and your valuable data out there, and don’t make security choices you’ll regret in the upcoming years. Learn how to be resilient and easily detect online threats.
Apply these actionable security tips to enjoy safer digital experiences
- Do not share too much personal information on the Internet, because you can expose yourself to identity theft and imposter scams. For security reasons, it is better not to give full information such as birth date, address, the city of birth, phone number, your location when you are on vacation, or other sensitive and personal details that could expose your data.
- You may not realize it, but each time you check in at home, at the airport, at a restaurant or in any other public place, you become an easy target for malicious hackers. Who knows when you might get a visit from potential thieves? Once you expose your current location, attackers will know you’re on vacation and (most likely) rob you. For security and privacy reasons, do not share your current location, and provide as little information as possible about it while on the go.
- Also, don’t share photos of your credit card details on social channels, because hackers can find different ways to get access to your financial accounts. Food for thought: read these stories of people who share images of their credit cards on Twitter or Instagram. You can easily get ripped off. “Sharing a picture online of your credit/debit card is a surefire way to have your details hacked.”
- Make sure that you don’t reveal your passwords to other people. Not even to your best friend or family members! The password is the key to all your sensitive data stored in your email or other online accounts. The same applies to the working environment. You never know, but an insider threat could be next to you and could easily access your company’s sensitive data. Make sure you lock your computer each time you leave your office desk.
- We highly recommend changing your passwords regularly and setting strong and unique passwords for your online accounts. Use this password guide to manage your passwords like an expert.
- Be careful when accepting random friend requests on FB from people you don’t know. You may be targeted by online scammers who want to collect data about users by creating fake Facebook profiles. If one of your friends sends you a suspicious link, don’t click it, because it may redirect you to a malicious site and infect the PC with malware.
- Most of the spam campaigns usually take place via email, so we strongly advise you not to click or download any file or document attached that looks suspicious to you. Online criminals will always find innovative methods (like spoofing) to steal users’ sensitive data. Here’s how online scams work and how you can easily detect them.
- Don’t post private conversations without asking for permission in advance. Social media is a great place to interact and work with others, but many of us still have problems understanding how to use these platforms properly. Follow and use these specific netiquette rules. Remember that all messages you post on FB or other social media channels will remain there forever, because they store and collect data, and might affect you at some point. Always check your privacy and security settings for every social media platform you use, and think twice before choosing how much data you want to make publicly accessible or keep private.
- When you browse the Internet and search for something specific, you are not completely safe, and you can infect your PC with malware or other online threats. Every browser has vulnerabilities that need to be fixed, so it is important to keep your browser up to date all the time and apply all available patches. This also applies to all your plugins, add-ons and your operating system. This step-by-step guide will show you how to get solid browser security.
- Education is always the key to staying safe online and being protected, and we strongly remind you to stay informed and learn from free educational resources.
We thought it might be useful to compile a list of 10 security decisions that can have an impact in the future. They can harm us more than we realize, so read them carefully.
Later edit: The list isn’t complete and we’ll keep updating it with more useful recommendations about security decisions that impact our lives.
Decision 1: Allowing someone else to dictate your security priorities
Here’s a piece of friendly advice: Don’t let someone else tell you how to prioritize your security problems! Make sure you understand your own needs and decide what security measures you should follow, in order to enhance online protection.
When it comes to cybersecurity priorities, it’s better (and wiser) not to rely on everyone who shares their views and opinions on digital safety. Do not be influenced by someone who tells you how to approach security matters. Instead, think of your own security challenges and prioritize them to better protect your valuable online assets.
Decision 2: Not focusing on educating yourself about cybersecurity
Probably one of the best investments for each of us is education. I sincerely believe that cybersecurity education is our best weapon to fight against today’s wave of cyber attacks. Education should be our core belief and main concern in keeping our valuable assets secure.
Cybersecurity education is the key to unlock a safer future and minimize the impact of cyber security incidents. Make sure you focus on spending more time and effort to learn as much as possible about the cybersecurity environment.
Why? Because the most successful cyber attacks aren’t just about technology but are tied to human error.
If you don’t know where to begin your learning path, have a look at these free educational resources that apply to anyone, no matter the background or skill level.
Decision 3: Reading cybersecurity resources with no actionable insights for you (and myself included)
What’s the point of reading cyber security online resources if you don’t apply the information found there? I know that a quick search on Google can generate lots of blogs and websites in this field. The big challenge comes when you need to filter and choose those valuable resources that can teach us actionable stuff.
I think we should start with a simple idea: your reading should be useful and actionable all the way through the journey in cybersecurity. You need it. We all need it. More than that, it’s essential to be ready for the future.
“Practical application of what you read reinforces what you’ve learned because you’re forced to integrate it into your life. If all you do is consume, you’re much more likely to forget what you read,” said Srinivas Rao on Medium.
As the author says, reading things we don’t actually apply leads us to a “vicious cycle of excessive consumption which limits the creativity and prevents you from consuming less and creating more”.
If you want to read actionable cybersecurity resources, we’ve curated a list of Internet blogs and websites that could help you become savvier in info security.
Also, we asked security experts about books, and they’ve recommended some of the best educational cybersecurity books out there to read.
Decision 4: We don’t think of the security implications beyond our devices
After purchasing a device, whether it is a desktop or mobile, we don’t think too much about all the security implications. We are probably too excited about the cool features (and apps) included, and we miss this part.
We expose ourselves and our data by becoming more vulnerable to cyber attacks and easily prone to malware infection.
Everyone (myself included) believes that security is by default, and we don’t take the time to check all the existing settings.
I learned how my security decisions have a great impact on my future.
Here are some hands-on and actionable guides you may want to read for keeping your devices safe:
- Smartphone security guide
- Windows 10 Security Guide
- How to Protect your PC with Multiple Layers of Protection
Decision 5: Not paying enough attention to the security software you install
When you look for a security software program, you’ll probably choose based on a recommendation from friends and family. This is a wise decision showing you care about your data. It is essential to add an extra layer of security to lower the risks of seeing your files and documents being stolen by hackers.
Depending on your budget, you could choose a free or paid security software to protect your digital assets. Also, make sure you pay enough attention to the product you’ll install, so you don’t have regrets afterward.
Why? Because in general we install software products on our devices with a few clicks and this is it. We forget about them. What we don’t do is:
- Check for all the necessary system requirements;
- Change default passwords;
- Choose carefully and invest in quality and legitimate products;
- Check for built-in apps and all the software packages included.
Independent software programs are usually packed with modules that constantly check for updates. Some have the auto-update feature built in, while other programs let you do it manually. I recommend performing these updates, which deliver revisions to your device (fixing major security vulnerabilities, removing features and adding new ones).
Here’s what security experts say about the importance of software patching and why it’s an essential key factor for your online safety. Cultivate this healthy habit of checking for and installing updates as a part of your daily digital routine.
Also, remember that the longer your devices run without updates, the more exposed you are to data leakage and other cybersecurity threats.
Decision 6: Postponing data backups
I am sure you’re concerned about your data, like me, but postponing the backup of all your critical data is a choice we might regret in the future.
The longer we postpone this action, the more vulnerable our data is to attacks and the more likely it is to be lost unexpectedly. That’s why it is essential to have a copy of all your valuable data on external sources like a hard drive or in the cloud (Google Drive or Dropbox).
Here are the golden rules of data backup you should follow right now:
1. Keep at least 2 copies of your data.
2. Have backups on different external devices.
3. Maintain a constant, automated backup schedule of your files and documents.
4. Secure your backups with strong passwords and keep those passwords safe.
Therefore, for people like you and me, who can’t really spare that much time when it comes to backing up data, here’s a simple and actionable guide to follow.
Several security solutions offer backups for your computer data, and many of them will do this automatically and periodically. You can also create your own backups (and it won’t hurt to have multiple backups anyway). Just be disciplined in making sure you regularly do the backups so that if something should happen, the minimum amount of data is lost.
Decision 7: Not using two-factor authentication
A Google software engineer said during a security conference that less than 10 percent of active Google accounts use two-step authentication to enhance protection for their devices.
You may not give it too much importance now, but its main purpose is to make malicious actors’ lives harder and reduce potential fraud risks. It will make it more difficult for cybercriminals to breach your account.
There’s nothing wrong with having difficulty understanding new technologies. What is wrong is trying to ignore or postpone them, because it will affect your online safety in the long run.
3 main reasons why you should use/activate two-factor authentication (2FA):
- Passwords on their own aren’t as powerful as we believe they are, and can’t fully protect us. Cyber attackers have the power to try billions of password combinations and crack them instantly.
- People tend to use the same password on different accounts, and when online criminals succeed in cracking it (via brute force attack), all your data will be exposed. Don’t do it! Set unique and strong passwords and consider using a password manager tool.
- 2FA offers an extra layer of security and reduces cybercriminals’ chances to launch an attack. It’s hard for them to get through the second authentication factor.
Enabling two-factor authentication is a must for all our email accounts, social media accounts, apps or online banking accounts. You can use this step-by-step guide to help you activate it for various online accounts. As for the passwords, do not reuse them for different online accounts.
Decision 8: Sharing too much personal information on social media
This is one of those security decisions you will definitely regret in the future. For privacy reasons, do not share your full personal data (birth date, address, the city of birth, phone number, or any other details) on social accounts.
This way, you expose yourself to identity theft and most likely become more vulnerable to all types of online scams. Cybercriminals use social engineering techniques to exploit your data and get quick access to it.
Nothing beats learning from personal experience, but sometimes it’s better to learn from others’ experience rather than having a negative one. These true Internet stories could be an inspiration for you to take cyber security very seriously. Also, it doesn’t hurt to be a little bit paranoid and protect your digital assets, as everyone wants them.
Decision 9: Connecting to unprotected Wi-Fi networks
It is no news that Wi-Fi networks come with a set of security issues. These allow malicious hackers to use Wi-Fi sniffers and other methods to intercept almost all the data (such as emails, passwords, addresses, browsing history and even credit card data).
Before I started working in cybersecurity, I used to connect to every public and free Wi-Fi network when visiting a coffee shop or restaurant. I learned not to do this anymore.
I realized (and understood) the security risks I was exposing myself and all my data to by relying on Wi-Fi networks. Now I turn it off :-).
This is one of those security decisions you’ll regret one day, so do your best to avoid Wi-Fi connections that don’t provide password encryption when you’re enabling it. Cybercriminals can hack into a public Wi-Fi, just like this 7-year-old kid did.
To be extra safe on public Wi-Fi, make sure you:
- Visit and use only secure websites with the HTTPS protocol while browsing the Internet and, mostly, while doing various banking operations.
- Consider using a Virtual Private Network (VPN) to block malicious actors’ attempts to access sensitive data sent over the unsecured Wi-Fi network.
- Keep your operating system up to date and patch everything.
- Do not connect to a public Wi-Fi without having antivirus software installed on your device.
Decision 10: Giving up on cybersecurity because it seems too complicated
For many of us, cybersecurity seems to be way too technical and difficult to approach, and for this reason, most users give up on understanding the basics of cybersecurity.
It gets confusing for regular users, but also for business owners, journalists, or people working or involved in cybersecurity. At some point, all parties involved think “why can’t security be simpler?”
“Cybersecurity is complicated because life is complicated and there is no perfection. We can’t be a hundred percent secure – so the rhetoric and fear mongering of vendors and security professionals has given in to a feeling of helplessness and disparity among the 80%,” said Ian Thornton-Trump in an expert roundup.
Decision 11: You do not check for reliable and trustworthy (re)sources
We live in a world where we are overwhelmed with lots of information from every social network. We consume and have access to so much free content that it gets difficult (and challenging) to distinguish between fake and real news.
While fake news is nothing new, disinformation can play a significant role in spreading and creating a fake reality that people (will) believe in.
Every time we look for something and do research on a specific topic, the information is right there, one click away. But how many of us are willing to go through the process of filtering and checking data? How do you know if it comes from trusted, high-quality sources?
PRO TIP: We strongly recommend always fact-checking against other resources and not relying solely on the first (re)source you find. Here are some useful tips that can provide actionable information on how you can better spot fake news. Also, it is important to combat it through user education, high-quality journalism, and always double-checking other resources.
Each of us should be more aware of the long-term consequences of fake news, combat it, and invest in education to know how to better detect disinformation.
You can easily tackle it by attending a (free) cybersecurity course for beginners that will teach you how to improve your online safety. Once again, I emphasize the importance of education that can open and save digital lives.
The more we have a proactive cybersecurity defense, the safer we’ll be on the Internet where we can better combat the alarming wave of online threats. Cybercriminals don’t cease to surprise us with the various methods used during their cyber attacks.
Are any of these security decisions on your list to follow? What key factors influence your security decision-making? We are curious to know what you think of it, so feel free to share your thoughts.
The post 10+ Cyber Security Decisions You (and Me) Will Regret in The Future [Updated] appeared first on Heimdal Security Blog.