Human error and cybersecurity

By Alexandru Petrescu

I am not going to postulate that humans are the weakest link in cybersecurity, but good basic cyber education and simply being careful can take you a long way. Human / employee error is widely recognized as the most important generator of cyber vulnerabilities. From email use, to using unsecured networks and connections, storing sensitive data on unapproved devices, to installing illegitimate apps and allowing personal use of business terminals, employees are in constant need of being reminded of best practices and the obligation to follow rules and procedures. This vulnerability has obviously been exacerbated by remote working, and we are all in need of new and fresh ideas for investing time, money and know-how in education and training, upgraded equipment and supervisory activities to mitigate it. What are the best ways to promote IT compliance by users, a risk enhanced by remote connectivity of workers?
The internet has become a space riddled with malicious links, trojans and viruses. Data breaches are becoming more frequent, and unsuspecting users are more vulnerable than ever before. When one click can cost thousands, and even millions, users need actionable to-dos that can help them stay alert and safe online.

Here are the top 10 cybersecurity tips for safe online navigation:

1. Clicking without Thinking Is Reckless
Just because you can click doesn’t mean you should. Remember, it can cost you more than you gamble. Malicious links can do damage in several different ways, so be sure to inspect links and ensure they’re from trusted senders before clicking.

2. Stick to your own devices
Try to limit using another user’s device when possible. Never share your credentials with others, and never give anyone remote access to your computer.

3. Be aware of your surroundings
Keep an eye on your device. Keep it locked when you step away from your computer. And never leave sensitive or confidential items at your desk, like post-it notes with your password written on them or USB drives.

4. Keep track of your digital footprint
When you monitor your accounts, you can ensure you catch suspicious activity. Can you recall everywhere you have online accounts and what information is stored on them, like credit card numbers for easier payments? It’s important to keep track of your digital footprint, including social media, and to delete accounts you’re not using, while ensuring you set strong passwords (that ideally you change regularly).

5. Keep up with Updates
Software patches can be issued when security flaws are discovered. If you find these software update notifications to be annoying, you’re not alone. But you can consider them the lesser of two evils when weighing up rebooting your device versus putting yourself at risk for malware and other types of computer infection.

6. Connect Securely
Cyber security tips about this have been dished out by nearly every tech expert under the sun, but many still don’t follow this advice. You might be tempted to connect your device to an unsecured connection, but when you weigh the consequences, it’s not worth it. Only connect to private networks when possible, especially when handling sensitive information.

7. Secure Your Mobile Device
Security doesn’t end at your desktop. It’s important to get into the habit of securing your presence through your mobile device as well. Use strong passwords and biometric features, ensure you turn off your Bluetooth and don’t automatically connect to any public Wi-Fi, and download with caution.

8. Beware Social Engineering
When hackers can’t find a security vulnerability, they’ll attack in other ways. Enter social engineering. This type of attack is more of an attack on the mind of the user, rather than on the device, to gain access to systems and information. Especially with the information publicly available online and over social media, cyber criminals come up with creative ways to dupe users.

9. Back Up Your Data
These days, storage doesn’t cost much. There’s no excuse not to have a backup of important data. Back it up to a physical location and to the cloud. Remember, malicious threats and hackers don’t always want to steal your data; sometimes the end goal is to encrypt or erase it. Back it up to have an ultimate recovery tool.

10. You’re not immune
The most harmful thought you can have is “it won’t happen to me,” or “I don’t visit unsafe websites.” Cyber criminals don’t discriminate in targeting all sorts of users. Be proactive. Not all mistakes can be undone with “ctrl + Z”.