Checklist 346: Cybersecurity Awareness Month 2023

In light of October being National Cyber Security Awareness Month, experts at the Cybersecurity and Infrastructure Security Agency (CISA) have provided essential guidance for both businesses and individuals to protect themselves in the ever-evolving digital landscape.

For Businesses

1. Teach Employees to Avoid Phishing

   Phishing, where cybercriminals attempt to trick individuals into divulging personal information, remains a major threat. CISA advises businesses to educate their staff on recognizing and avoiding phishing attempts. Resources for training, including podcasts and materials, are readily available.

2. Require Strong Passwords

   Weak passwords are a common entry point for hackers. Businesses should enforce strong, unique passwords, provide password management tools, and mandate changing default credentials on software and hardware.

3. Implement Multifactor Authentication (MFA)

   MFA enhances security by requiring more than just a password for account access. Methods such as texted codes, authenticator apps, fingerprints, or access cards should be utilized to reduce the risk of compromised accounts.

4. Update Business Software

   Outdated software is a significant security risk. CISA advises businesses to keep their software up to date, replace unsupported hardware and software, and educate employees on the importance of software updates.

For Individuals

Individuals are urged to follow similar guidelines

1. Recognize and Report Phishing

   Individuals should be vigilant against phishing attempts, recognizing urgent or emotionally manipulative messages, unsolicited requests for personal information, suspicious URLs, incorrect email addresses, poor grammar, and misspellings. Suspected phishing emails should not be clicked on or replied to.

2. Use Strong Passwords

   Just like businesses, individuals should employ strong, unique passwords for their accounts to minimize vulnerability.

3. Enable Multifactor Authentication

   Turning on MFA wherever possible can provide an extra layer of security for personal accounts.

4. Keep Software Updated

   Regularly updating software and apps on personal devices is essential to protect against vulnerabilities and security threats.

Both individuals and businesses are encouraged to make cybersecurity awareness an ongoing commitment rather than a once-a-year effort. CISA recommends reinforcing “cyber hygiene” as a routine practice and educating employees or family members about the risks of cyber threats.

In a world where businesses and individuals are constantly targeted by cybercriminals, these fundamental cybersecurity practices serve as crucial defenses to safeguard sensitive information and digital assets. Share this knowledge with others to collectively strengthen our defenses against cyber threats.